
HIPAA Compliance Services

The HIPAA Privacy and Security Rules apply to any organization that manages electronic protected health information, or ePHI.  This includes medical practices, health plans, biotech firms, pharmacies, medical device manufacturers, and service providers. 

Third-party validation of your HIPAA compliance is an important step in protecting your patients and business from a potential data breach. Focal Point's team of compliance, IT, and legal experts has helped dozens of healthcare and technology organizations achieve and maintain compliance with the HIPAA, HITECH, and Omnibus mandates.

Our HIPAA services will help your organization: 

  • Understand HIPAA’s impact on your organization 
  • Map your data as it moves through your organization, determining the assets that need to be secured 
  • Identify and prioritize your data risks and mitigation efforts 
  • Develop a sustainable HIPAA compliance program 
  • Improve and document policies and procedures 

Focal Point as your HIPAA Compliance Partner

Focal Point provides HIPAA support to companies across the country, including some of the top healthcare providers, technology companies, and insurance providers.  These companies have chosen Focal Point because of our unique combination of experience in both HIPAA privacy and security as well as our commitment to client service.  In addition, Focal Point offers: 

Data Security Capabilities – Focal Point has a robust cyber security practice with extensive experience performing vulnerability assessments, penetration testing, web application security testing, network hardening and source code analysis.  These professionals are integrated into our HIPAA compliance teams when needed. 

Thorough Risk Analysis – The risk analysis, a required component of HIPAA compliance, is key to understanding your full privacy risk universe. We have experience assessing against all major frameworks, including CobiT 5.0, NIST 800-30, NIST 800-66, and ITIL V3.

Legal Expertise* – A number of our privacy experts join us from some of the leading privacy law firms in the nation. Their legal knowledge allows us to quickly interpret regulatory standards and provide valuable guidance to our clients. We also maintain relationships with major law firms across the United States, as well as the FTC, US Trustee Office, and OCR, to stay current with legal trends and regulatory changes in the privacy and data security space.

Self-Assessments for Small Providers – Focal Point's HIPAA Risk Advisor is a web-based tool that offers a cost-effective HIPAA Security Rule Risk and Gap Analysis for small and mid-sized medical practices. Read more about HIPAA Risk Advisor.

Streamlined Audits – Having performed many successful HIPAA audits, our methodology is designed to make HIPAA compliance as simple, straightforward, and painless as possible.  Our risk analysis, gap analysis, penetration testing, and policy and procedure development services work together to provide a single solution with minimal impact on business operations. 

Focus on Long-term Value – We strive to deliver tailored solutions that provide long-term value to your organization.  We provide advisory support to help our clients maintain sustainable HIPAA programs, reducing future costs and improving the efficiency of key processes. 

Other HIPAA Compliance Services

PHI Breach Notification 

Focal Point can assist with the creation of incident response procedures and an operational post-breach workflow. This workflow will help guide your organization through the required steps to ensure compliance with state breach notification laws, the HITECH Act, and other applicable privacy regulations.

HIPAA Policies and Procedures Development 

Focal Point has helped many organizations develop, formalize and/or re-evaluate their HIPAA/HITECH policies and procedures to ensure they are meeting the needs of the organization and all regulatory requirements.  

HIPAA Security 

We provide cyber security services to ensure that PHI is secure from inappropriate access or disclosure.  Our testing and assessment services include Information Security Assessments, Vulnerability Assessments, Penetration Testing, IT Risk Assessments, and other technical security assessments. 

Pre- and Post-Implementation HIPAA Audit 

Focal Point can determine if your soon-to-be-integrated application meets your HIPAA compliance requirements and assist you in preparing for go-live. Similarly, we can audit a new system following implementation to identify opportunities to improve internal controls and ensure compliance with HIPAA and HITECH.

*Focal Point is not a law firm and does not provide legal advice.
