HIPAA Gap Analysis

The objective of gap analysis is to map the HIPAA security requirements against the enterprise environment to identify gaps that exist in the security infrastructure. The focus of this phase includes:

Assessment Objectives

At a high level, there are a number of critical areas that need to be investigated during the process of security assessment. These areas include:

  • Identify “gaps”
  • Determine remediation projects
  • Prioritize projects
  • Specify budget and resource requirements

There may be several remediation projects, each of which will require resources and specific skills. Some of these remediation projects may be fairly significant initiatives that may impact the entire enterprise infrastructure. The next step is to prioritize the projects and identify any dependencies that may exist between them. This will enable the organization to identify critical projects that need to be initiated.

The deliverables or outputs of gap analysis include:

  1. HIPAA Security Strategy
  2. Quantifying Risk

A budget needs to be developed for each of the projects and for the overall effort. The budget estimates for each project should be in terms of:

  • People
  • Hardware
  • Software

In this phase, the combination of the gaps identified and the remediation projects is what positions the organization for complete compliance with HIPAA’s security objectives.
