HIPAA Privacy & Security

Create an effective compliance program to identify your organization’s level of compliance and prioritize areas of improvement.

Your privacy and security matter.

Today, it’s not a matter of if your IT will be compromised, but when. You must build cyber resilience, the ability to recover and return to normal operations quickly, to protect your IT environment and minimize loss in that inevitable breach.

Data confidentiality is one of the greatest risks you face. Any breach or noncompliance can lead to substantial fines and reputational damage. In addition to the confidentiality concerns that patients have, other stakeholders need assurance that your organization complies with laws. Our HIPAA risk assessments rank privacy and security issues by risk and difficulty, providing you the context to prioritize issues to manage the appropriate protection of electronic health information.

Be proactive and take action to reduce risks and improve your organization’s compliance and security.

Risk of Compliance

Compliance does not ensure protection from all threats; it is just a minimum requirements baseline. Mandatory regulations are designed to protect patient data. As technology advances and your organization continues to grow, a compliance mindset puts your organization at risk. You must do more to protect your patient data, connected medical devices, sensitive corporate data, operations and reputation.


The U.S. Department of Health and Human Services Office for Civil Rights has proposed recent changes to improve HIPAA’s care coordination and better enforce existing policies through increasing enforcement actions in the form of fines.

Patients can now request access to their confidential medical information and expect to receive it in 30 days or less, barring a special exception.

To mitigate the fear of responding too late to information requests, organizations ask third-party applications to help share patient information quickly, resulting in unexpected risks and data breach incidents.

What We Do

  • HIPAA security risk assessments
  • HIPAA compliance gap analysis
  • Comprehensive evaluation of compliance effectiveness
  • Compliance risk assessment
  • Compliance access to information assessment
  • Privacy and security documentation assessment
  • Privacy risk assessment
  • Audit business association agreement
  • Audit business association process

Cybersecurity & Assurance

New applications, devices, vendor connections and even new employees introduce risk and increase the complexity of compliance. We examine your internal control structures, staffing and procedures to offer remediation options and internal controls to reduce IT risks.

Almost everything you do in healthcare can be improved through information technology. While you must take advantage of technological advancements, you also must comply with privacy regulations and maintain strong cybersecurity practices to protect your business data and operations.

Our collaborative, proactive approach to strengthening cyber resilience allows you to leverage technology to improve patient care, power innovation and grow your organization.

Insights and

Preparing for Your Nursing Home Audit in Florida

If you are a nursing home operator in Florida, you may be wondering how to get ready for the upcoming financial audit. Here are some essential...


Accounting Today ranked HORNE in top 30 accounting firms in the U.S. in 2024

HORNE has been named one of the top 30 accounting firms in the U.S. by industry publication Accounting...


Leveraging Physician Compensation for Alignment and Profit Growth

Hospitals across the country are facing increasing labor costs, with physician compensation being a major contributor to the upward trend. According...


America’s Rubik’s Cube of Health Insurance Coverage

As states have returned to normal Medicaid enrollment procedures in the past few months, imagine two headlines: “Medicaid Plummets!”...


HORNE’s Board of Directors announces new Director of People

HORNE’s Board of Directors announced Clay Kittrell as HORNE’s new Director of People, effective February 1,...


Why bad culture is scarier than a hard conversation

We work with enough leaders like you to know that hard conversations are scary in their own way. You probably wouldn’t use the word “scary,”...




Acceleration & Growth

HORNE’s acceleration and growth services help you stay ahead of the change with our technology, people, process and experience solutions.


Talk to an expert today.