HIPAA Privacy & Security

Create an effective compliance program to identify your organization’s level of compliance and prioritize areas of improvement.

Your privacy and security matter.

Today, it’s not a matter of if your IT will be compromised, but when. You must build cyber resilience, the ability to recover and return to normal operations quickly, to protect your IT environment and minimize loss in that inevitable breach.

Data confidentiality is one of the greatest risks you face. Any breach or noncompliance can lead to substantial fines and reputational damage. In addition to the confidentiality concerns that patients have, other stakeholders need assurance that your organization complies with laws. Our HIPAA risk assessments rank privacy and security issues by risk and difficulty, providing you the context to prioritize issues to manage the appropriate protection of electronic health information.

Be proactive and take action to reduce risks and improve your organization’s compliance and security.

Risk of Compliance

Compliance does not ensure protection from all threats; it is just a minimum requirements baseline. Mandatory regulations are designed to protect patient data. As technology advances and your organization continues to grow, a compliance mindset puts your organization at risk. You must do more to protect your patient data, connected medical devices, sensitive corporate data, operations and reputation.


The U.S. Department of Health and Human Services Office for Civil Rights has proposed recent changes to improve HIPAA’s care coordination and better enforce existing policies through increasing enforcement actions in the form of fines.

Patients can now request access to their confidential medical information and expect to receive it in 30 days or less, barring a special exception.

To mitigate the fear of responding too late to information requests, organizations ask third-party applications to help share patient information quickly, resulting in unexpected risks and data breach incidents.

What We Do

  • HIPAA security risk assessments
  • HIPAA compliance gap analysis
  • Comprehensive evaluation of compliance effectiveness
  • Compliance risk assessment
  • Compliance access to information assessment
  • Privacy and security documentation assessment
  • Privacy risk assessment
  • Audit business association agreement
  • Audit business association process

Cybersecurity & Assurance

New applications, devices, vendor connections and even new employees introduce risk and increase the complexity of compliance. We examine your internal control structures, staffing and procedures to offer remediation options and internal controls to reduce IT risks.

Almost everything you do in healthcare can be improved through information technology. While you must take advantage of technological advancements, you also must comply with privacy regulations and maintain strong cybersecurity practices to protect your business data and operations.

Our collaborative, proactive approach to strengthening cyber resilience allows you to leverage technology to improve patient care, power innovation and grow your organization.

Insights and

The Secret to Having Hard Conversations

Many leaders approach hard conversations the wrong way. The two most common mistakes we see are (1) allowing your emotions to set the tone and (2)...


Want to keep employees? Have “stay conversations”

Recently we helped a family-owned general contractor re-engage two key employees. One was a supervisor whose future was in question as a large job...


IRS Places Moratorium on the Processing of New ERC Filings

If you’re looking to file an Employee Retention Credit claim with the IRS, please note that there is a hold on processing of all new ERC filings...


HORNE Board of Directors admits new director

Lori Crocker, who serves in HORNE’s Healthcare group, was recently promoted to director, effective September...


HORNE ranked in Top 100 by INSIDE Public Accounting

INSIDE Public Accounting has ranked HORNE number 25 on the Top 500 Firms list for...


One question to immediately improve your hiring process

One of the simplest and most cost-effective ways to improve hiring is to ask better interview questions. But what is a “better” or “worse”...




Acceleration & Growth

HORNE’s acceleration and growth services help you stay ahead of the change with our technology, people, process and experience solutions.


Talk to an expert today.