HIPAA’s Privacy provisions became effective 04/14/2003 and 04/14/2004 for Large Plans and Small Plans respectively. For these purposes, the same definitions as those used by the SBA apply. The Privacy provisions, when integrated with HIPAA’s Security provisions, require operational, document and educational performance. Adherence to Best Practice generally minimizes the possible considerable personal exposure of clients’ employees.
KRAA Security provides HIPAA specialists that are experienced former Privacy Officers who are process and compliance professionals to perform the best in third-party assessments. We work with each client to improve compliance on an ongoing basis accompanied by annual maintenance assessments.
Our HIPAA Privacy assessment includes but is not limited to:
How the Process Works
KRAA Security specialists initiate the assessment process by reviewing each client’s responses to an Audit Target questionnaire and associated attachments. This is followed by on-site audits by KRAA Security staff at each agreed-upon business location. From these initial data sets, a Compliance Baseline is documented. A Gap Analysis which delineates the differences between the Baseline and Best Practice is presented. This is followed by a Risk Assessment commonly known as a risk vs. reward analysis. We work with clients to meet or exceed Best Practice requirements on all agreed-upon Audit Targets