Home | Press | Contact Us | Site Map
ecfirst Home
 
.
 

PRESS RELEASE
Contact: Nazeela Shokrai
Email: Nazeela.Shokrai@ecfirst.com  
Website: http://www.ecfirst.com

    

 

HIPAA Security Audits to Begin! Is Your Organization Prepared for an Investigation?

ecfirst AuditShield™ Service Launched

NEWPORT BEACH, CALIFORNIA, USA – March 8, 2008:
HIPAA Security legislation is finally growing teeth as CMS initiates a sincere audit effort. GovernmentHealthIT reported recently at a workshop on HIPAA Security, that CMS announced it will begin audits by reviewing 10 to 20 hospitals in the next nine months for compliance with the HIPAA Security Rule. As you may already know, the Secretary of Health and Human Services (HHS) delegated to the Administrator, Centers for Medicare & Medicaid Services (CMS), the authority to investigate complaints of noncompliance with, and to make decisions regarding the interpretation, implementation, and enforcement of regulations including the HIPAA Security Rule.

Is your organization ready for a HIPAA Security audit?

The HIPAA Security Rule’s Risk Analysis implementation specification is a requirement that all covered entities must meet. It is not an Addressable specification. This requires organizations to conduct an accurate and thorough assessment of the potential risks and vulnerabilities to the confidentiality, integrity, and availability of electronic protected health information (EPHI) held by the entity.

ecfirst has obtained critical new information on the two key areas that would be part of an investigation. These areas include key personnel that may be interviewed, including the CEO and many others, as well as a critical list of documents that will be required for review and analysis.

Compliance requirements as well as rising threats to the information infrastructure are resulting in organizations’ conducting vulnerability assessments to establish the state of enterprise security. These assessments typically include external, internal, and wireless penetration testing.

AUDITSHIELD™ SERVICE LAUNCHED

To assist organizations to prepare for and manage possible audits, ecfirst has launched our AuditShield™ service. Key elements of the AuditShield™ program include immediate access to ecfirst HIPAA Security Compliance Experts and a pre-determined response plan that brings our team to your site to complete critical activities before and during the audit. For more details, please contact Nazeela Shokrai at Nazeela.Shokrai@ecfirst.com to learn more about this priority-response audit program.

DOWNLOAD HIPAA SECURITY AUDIT BRIEF

To learn more about CMS’ audit investigation priorities, download the executive brief, CMS Requirements for a HIPAA Security Audit, authored by HIPAA expert, Ali Pabrai. The brief walks you through the critical steps that an organization must take to achieve complete compliance with the HIPAA Security Rule. The complimentary brief is available exclusively from your compliance experts at ecfirst.     http://www.ecfirst.com/complianceportal

ABOUT ECFIRST AND THE HIPAA ACADEMY

ecfirst, an Inc. 500 business, has served over 1400 clients all across the United States in the areas of compliance, security and professional services. ecfirst delivers deep expertise with its full suite of services that include Compliance Auditing, Contingency Planning & Business Impact Analysis (BIA), Vulnerability Assessments, our industry-unique Managed Compliance Program, Single Sign-On analysis and implementation, IT Project Management, and general security and IT infrastructure solutions. The HIPAA Academy, the gold standard for HIPAA consulting, training and certification, introduced the industry's first Managed Compliance Services Program for HIPAA - a 36-month, budget friendly, fixed price offering to achieve and maintain complete HIPAA Security compliance. The HIPAA Academy's training program is exclusively endorsed by the American Hospital Association (AHA). The HIPAA Academy is a division of ecfirst. More details are available at www.ecfirst.com or at www.HIPAAAcademy.Net.

ABOUT ALI PABRAI

Ali Pabrai, CISSP (ISSAP, ISSMP), CSCS, is the chief executive of ecfirst. A highly sought after information security and regulatory compliance expert, he has successfully delivered solutions on security and compliance to hundreds of organizations across the United States. Author of The Art of Information Security, he developed a unique security methodology called, BizShield: The Seven Steps to Enterprise Security. BizShield today provides the framework for many security initiatives at numerous client organizations. Pabrai created the industry's first certification program on compliance and information security, the Certified Security Compliance Specialist, CSCS™. Pabrai next presents the CSCS program in Newport Beach, California, on May 14th and 15th, 2008. For more information and to register, please visit http://www.ecfirst.com/.

CONTACT US

We encourage you to visit the industry's most complete compliance portal at www.ecfirst.com for access to all major information security regulations.  To learn what remediation actions are bring prioritized by other hospitals and health systems in the area of compliance and information security, schedule Ali Pabrai, CISSP, CSCS to visit your site.

Contact Nazeela Shokrai at Nazeela.Shokrai@ecfirst.com for more information on ecfirst or the HIPAA Academy or to bring Ali Pabrai to your site.

# # #

Last updated: March 14, 2008