AuditShield™ Program

Immediate Access to Expert Resources for Managing Audits

Starting in 2008, CMS is initiating a sincere audit effort. It has been reported that CMS will begin audits by reviewing 10 to 20 hospitals in the next nine months for compliance with the HIPAA Security Rule. Is your organization ready for a HIPAA Security audit? The ecfirst AuditShieldTM Program provides immediate expertise that your organization can engage to manage all activities including communication and development of critical documentation to help you address audit requirements.

The audit process can consume valuable time and resources of key professionals and management in your organization. HIPAA Security Audits are a new phenomena and the announcement of an audit process involving your organization may cause undue stress, anxiety, and huge amounts of misguided effort. Organizations also may lack the expertise required to manage the audit process. ecfirst can help. We will not only provide immediate resources to respond to queries but also assist you in streamlining processes so your organization can address this challenge and be on the path to complete compliance.

HIPAA has very specific requirements that must be met. For example, the HIPAA Security Rule’s Risk Analysis implementation specification is a requirement that all covered entities must meet. This requires organizations’ to conduct an accurate and thorough assessment of the potential risks and vulnerabilities to the confidentiality, integrity, and availability of electronic protected health information (EPHI) held by the entity.

Organizations typically struggle with not just addressing HIPAA compliance requirements but with rising threats to the information infrastructure. ecfirst, provides capabilities to conduct a vulnerability assessment of your infrastructure to establish the state of your enterprise security. An assessment typically includes external, internal, and wireless penetration testing. This is one component that may be audited for assessing compliance status. The ecfirst AuditShieldTM Program can be leveraged by your organization to identify key gaps and help your organization be better prepared for an audit.

AuditShield™ Deliverables

  1. Immediate access to ecfirst HIPAA Security Compliance Experts
  2. Initiate a documented, pre-determined response plan
  3. ecfirst experts arrive onsite within 4 business days
  4. Manage the complete audit process
  5. Build audit response documentation kit for presentation to CMS auditors
  6. Document all information requested and prepare response to areas identified during the audit
  7. Respond with all required information and communicate with all involved parties on activities and status
  8. Establish framework for complete knowledge transfer to enable the organization to improve processes and capabilities
  9. Presentation to all involved staff on what to expect and who will be interviewed

YOUR COMMITMENT TO US

  1. Call ecfirst immediately upon receipt of notice to conduct audit – time is critical!
  2. Full and immediate access to key members of IT staff, IT management, and executive management to address audit requirements
  3. Full access to compliance and security documentation including policies, procedures, logs, and prior assessment materials.

COMPLETE KNOWLEDGE TRANSFER

We will deliver a complete report of our experience in managing your audit process.  This Report will clearly establish areas in which your organization is in compliance, partial compliance or non-compliance with the requirements of regulations that impact your business. A prioritized and actionable list of recommendations will be included. We will document and turn over to you the complete audit response documentation kit. In addition to materials prepared for the audit, notes will be included from staff taken after their interviews with CMS auditors.

About ecfirst

ecfirst delivers world-class information security, regulatory compliance solutions and its professional services team enables businesses address IT staffing challenges every day. With over 1400+ clients, ecfirst was recognized as an Inc. 500 business – America’s Top 500 Fastest Growing Privately Held Business in 2004 – our first year of eligibility. ecfirst assists organizations with their compliance initiatives for a secure information infrastructure that is compliant with regulations such as PCI DSS, HIPAA, Sarbanes-Oxley, ISO 27002, or federal and state legislations.

ecfirst serves a Who's Who client list that includes technology firms, numerous hospitals, state and county governments, and hundreds of businesses across the United States and abroad. A partial list of clients includes several hospitals, long term care organizations, EMC, IBM, Principal Financial, U.S. Army, U.S. Dept. of Homeland Security, U.S. Dept. of Veterans Affairs and many others.

Information Security & Compliance

ecfirst delivers deep expertise with its full suite of services that include Single Sign-On (SSO), context management, contingency planning/Business Impact Analysis (BIA), vulnerability assessment, as well as managed compliance, security and IT infrastructure solutions. ecfirst has successfully executed fixed price, fixed deliverable, turnkey projects across the United States.

World-class IT Professional Services

The ecfirst Professional Staffing Practice excels in meeting your short and long term requirements for contract professionals in the areas of Web development, system, database and network administration, application development, system architecture, and project management. This practice is distinguished with credentialed staff (PMP, CBCP, CISSP, CSCS, CHSS or others that may be required) that includes deep industry knowledge in the healthcare, financial, technology and government markets.

Compliance and Training Certification

The Certified HIPAA Administrator (CHA™), Certified HIPAA Professional (CHP) and the Certified HIPAA Security Specialist (CHSS™) certifications are the gold standards in the Industry. The ecfirst Certified Security Compliance Specialist (CSCS) Program is the first and only information security program that addresses all major compliance regulations from a security perspective.

Talk to ecfirst and you will find an organization that is passionate about the services we deliver and exceptionally devoted to its clients. For more information, please visit http://www.ecfirst.com/.