Where do you stand in the fight against cyber crime?

Healthcare Cybersecurity Check-Up

Get a better understanding of where your organization stands on the road to HIPAA compliance! We'll dive into basic human security practices that are key in protecting patient data and assess your current compliance with HIPAA regulations. We'll also provide steps you can take to ensure your organization is proactive, protected, and prepared.

  • Question 1

    Do you conduct an annual HIPAA Security Risk Assessment and work to remedy any deficiencies?

  • Choose "Yes" if your organization has performed a HIPAA Security Risk Assessment in the past year. Choose "No" if your organization has not performed a HIPAA Security Risk Assessment in the past year.
  • Question 2

    Do all staff members take an annual structured HIPAA Security and Privacy Training and take a compliance test?

  • Answer "Yes" if each employee has received HIPAA security training and has completed a HIPAA security compliance test with documented proof of completion. Answer "No" if any employee has not received HIPAA security training and compliance testing, or if there is no documented proof of training completion.
  • Question 3

    Are all staff members trained on how to spot Phishing emails?

  • Answer "Yes" if each employee has been trained on how to identify phishing emails and is routinely tested on their ability to identify them (i.e. routine simulated phishing tests). Answer "No" if employees have not been trained on how to identify phishing emails and are not being routinely tested on their ability to spot phishing emails.
  • Question 4

    Do you perform Vulnerability Scans on a regular basis (at least annually)?

  • Answer "Yes" if your organization has performed a Vulnerability Scan in the last year. Answer "No" if you have not conducted a Vulnerability Scan on your organization in the last year.
  • Question 5

    Do you have all Business Associate Agreements in place with all appropriate vendors?

  • Answer "Yes" if all your Business Associates have signed Business Associate Agreements. Answer "No" if you do not have signed Business Associate Agreements from all of your Business Associates.
  • Question 6

    Do you have any additional assurances that all your Business Associates are compliant with HIPAA?

  • Answer "Yes" if you have assurance that all of your Business Associates are HIPAA compliant (this can be indicated by having Business Associates fill out a compliance checklist). Answer "No" if you do not have assurance that all of your Business Associates are HIPAA compliant.
  • Question 7

    Are all computer systems in your office encrypted?

  • Answer "Yes" if all computer systems in the office that are used to access or store PHI are encrypted. Answer "No" if you do not have all computer systems encrypted that are used to store or access PHI.
  • Question 8

    Do you have a documented incident response procedure that addresses what steps are taken in the event of a breach?

  • Answer "Yes" if the organization has documented disaster recovery procedures in place and regularly tests the procedures. Answer "No" if the organization does not have documented disaster recovery procedures in place or does not test the procedures regularly.
  • Question 9

    Is there a process implemented to periodically check on the access and activity within systems that store electronic protected health information (ePHI)?

  • Answer "Yes" if the organization has system auditing set up and currently reviews the audit logs. Answer "No" if the organization does not have system auditing set up or does not review the audit logs.
  • Question 10

    Do you have Cyber Insurance coverage that can help offset the expenses related to a breach such as forensics and legal expenses as well as the fines?

  • Answer "Yes" if your organization has cyber insurance coverage to offset the repercussions of a security incident. Answer "No" if your current insurance policies do not cover your organization in the event of a cyber incident.
  • Question 11

    Do you have the appropriate documentation required by the HIPAA Security and Privacy Rules including termination procedures, disaster recovery plans and disposal procedures?

  • Answer "Yes" if your organization has written policies and procedures to address the HIPAA Security Rule safeguards. Answer "No" if your organization does not have written policies and procedures.
  • Fill out the information below to see the results of your Healthcare Security Checkup! A copy of the results will be sent to the email provided.

Need HIPAA Help?

Work with the experts and work towards HIPAA compliance headache-free, guaranteed!

Complete Compliance Solutions

Why does my organization need to worry about HIPAA Compliance?

Patient data makes you vulnerable

With protected health information (PHI) bringing in top dollar on the dark web, storing and accessing patient data puts your organization at a higher risk of suffering a cyber-attack.

92% of data breaches are due to human error

66% of cyber criminals rank email phishing as their attack vector of choice. Unsuspecting employees may click on a malicious link or file download without thinking twice.

Password Reuse is an epidemic

59% of individuals admitted to mostly or always using the same password, despite 91% knowing it's a security risk.* If a breached password is reused, the subsequent accounts are also at risk of being hacked.

HIPAA is a federal regulation

Protecting patient data is your organization's responsibility. If you fail to properly protect that data, you are in violation of HIPAA regulations. Failure to comply often comes with hefty fines and penalties.

See the HIPAA Secure Now difference

Contact us today to learn how we can help you simplify cybersecurity and HIPAA compliance for your organization.

Contact Us

  • HIPAA Secure Now
  • 55 Madison Ave, Suite 400 Morristown, NJ 07960
  • (877) 275 - 4545
  • info@hipaasecurenow.com

© 2023 · HIPAA Secure Now!