Our Four-Phased Approach

To support our client organizations, we have developed a four-phased approach that includes activities to examine how HIPAA can be leveraged into operational improvements and e-commerce solutions. The result is highly efficient HIPAA compliance programs that are integrated with existing operational imperatives. The four components of our HIPAA approach are:

1. Executive Education. We hold a kick-off session, agree on key objectives, provide a high-level conceptual overview of HIPAA, and meet operational staff who will participate in the gap process.

2. Assessment. We perform an assessment of the organization's readiness for HIPAA compliance. This results in a gap analysis and roadmap for achieving compliance supported by high-level cost estimates, timelines, and resource requirements. At the conclusion of this stage, we provide an Executive Summary and an Action Plan.

3. Planning and Implementation. At this stage, we seek to gain consensus on the scope and timetable of Action Plan items, and work with client work groups to modify key processes, and develop policies and procedures required in the HIPAA regulations. At the conclusion of this stage, we conduct post implementation reviews to insure that the security and privacy architecture will sustain HIPAA compliance over time.

4. Awareness and Training. In many organizations, HIPAA has a significant impact on operational, administrative, and technical environments. The regulations require early awareness education for key management staff and intensive training for employees on new policies and procedures concerning the protection of patient health information. At this stage, we provide employee awareness training.

Resources White Papers News