Thank you for looking to AltaPacific Technology Group and our team of professionals to help provide your organization with leading HIPAA Risk Assessment, GAP Analysis, and security consultation services.
AltaPacific is one of only a handful of companies that has been certified in conducting HIPAA security Risk Analysis (§164.308) by the Global Information Assurance Certification Program (GIAC) and the SANS Institute. AltaPacific HIPAA Consultants have been looked to by national organizations for compliance interpretations and have been published in a variety of leading industry journals regarding the subject of HIPAA Risk Analysis. AltaPacific personnel have also contributed to and co-authored the HIPAA Security Implementation workbook that is currently used as the leading guide to implementation by organizations world-wide.
In order to conduct any risk analysis, audit, assessment or gap analysis you must have defined a base-line as well as a methodology. It concerns us that many security companies are offering risk analysis to medical organizations for the purpose of complying with the security rule but base-lining their assessments on traditional "technical only" guidelines from past jobs they have done that are not HIPAA (or even medical) specific. These companies in their lack of understanding regarding the HIPAA legislation are unaware that most of the Security Rule implementation specifications are non-technical and that providing only a technical audit of the organizational assets leaves the customer non-compliant.
AltaPacific stands apart from other security companies in that our HIPAA security analysis is base-lined against a variety of guidelines including the HIPAA regulations, other medical organizations best practices, industry guidelines and our own set of internal standards that have been compiled from experience with security breaches and vulnerabilities found at other medical organizations.
Every organization must remember that the Risk Analysis is a legal document and discoverable within a court of law to show due diligence in the event of disclosure, audit, or lawsuits. We believe our experience and expertise set us apart as our understanding for what is required within the security rule goes beyond that of our competitors. We can address all safeguards, standards and implementation specifications within the security rule or if you would prefer we can provide a partial assessment covering only specific safeguards such as physical and technical leaving your existing legal resources to audit and assess administrative safeguards, documentation guidelines, Business Associate Contracts, and other non-technical requirements of the HIPAA Security Rule.
AltaPacific can offer you a Risk Analysis using either the qualitative or quantitative methodology. For a more complete understanding of the different methodologies and which is right for your organization, please ask an AltaPacific representative for a copy of our white paper outlining qualitative vs. quantitative risk analysis.
Regardless of the capacity in which AltaPacific works with your organization, we are pleased and excited to work with you to provide the best service and help your organization meet HIPAA requirements as well as increase efficiency and reduce cost by making smart and effective implementation decisions. We look forward to working with you in your assessment and remediation efforts now and in the future.
Please click on a menu option to the left to learn more about specific healthcare services we offer or Contact us to speak with a sales representative.