HIPAA Compliance

What is HIPAA Compliance?

Let our Compliance, Security, and Risk experts Assist with your Cybersecurity Program

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a broad national standard that places protections around healthcare and health insurance in the United States of America. While the standard touches many different aspects of patient care, there are specific provisions or “rules” designed to protect sensitive patient health information from improper use and disclosure. HIPAA required the Secretary of the U.S. Department of Health and Human Services (HHS) to develop these rules. They included the HIPAA Privacy Rule and a subset of requirements labeled the HIPAA Security Rule. Failure to adhere to HIPAA requirements can result in civil and even criminal penalties.

The two rules outlined above set the overall requirement for administrative, technical, and physical safeguards as they relate to HIPAA. It is these types of controls that our consultants help organizations to achieve.

Administrative Safeguards

  • Risk Assessment

  • Risk Management Program Development

  • Virtual Risk Officer

  • HIPAA / HITECH Gap Assessments

  • HIPAA Security Policies

    • Sanction Policies

    • Information Security Policy Development

    • Policy Reviews

  • Information Systems Assessment and Reviews

  • Security Awareness Training

  • Business Continuity Plan Development

  • Vendor Risk Assessments

Physical Safeguards

  • Physical Security Assessments

    • Site Visits

  • Social Engineering Testing Services

  • Fraud Assessment Services

  • Business Continuity and Contingency Planning Services

  • Building Access Control Planning Services

  • Data Disposal Plan and Solutions

    • Electronic

    • Physical Media

  • Data Backup Plan and Solutions

Technical Safeguards

  • Vulnerability Assessments

  • Penetration Testing Services

  • Incident Response Plan

  • Data Breach and Forensic Investigation Services

  • Network Access Control (NAC) Services

    • Dynamic Segmentation Security Programs

  • Identity and Access Management Solutions

  • Security Log Monitoring

  • Endpoint Detection and Response Solutions

  • Encryption Solutions

  • Virtual Chief Information Security Officer

  • Virtual Privacy Officer Services

  • Medical Device Risk Assessments

Company Strengths at a glance

Our Strong Points

Cyber Security Services (CSS) has been helping organizations meet HIPAA compliance requirements since 2013. We work with clients to meet the administrative, technical, and physical safeguards required by HIPAA. 

Risk and Compliance

At CSS, we help with your Risk and Compliance programs. We also set up standards that make sense for your industry. If a program already exists, we build on what you are currently doing and make adjustments as needed.

Threat Protection and Response

We understand that a vCISO is focused on strategic risk and compliance objectives throughout the year, but some organizations require hands-on cybersecurity expertise. Our team of professionals is ready to jump in where you need us the most. Our experts are assigned based on your specific needs.
