Assessments
Curious Compliance can help. We can facilitate a self-assessment, partner with your staff, or perform independent and objective assessments.
Covered entities and their delegates are required by HIPAA, CMS, and other regulations to perform regular compliance assessments. Your cybersecurity insurance provider probably requires assessments too. Don’t forget self-assessments and certifications required by commercial insurers, licensing agencies, and states.
Many providers and practices do nothing more than check boxes. That may reflect limited resources, a lack of interest, or an unwillingness to create a paper trail.
At the same time, covered entities face constantly changing threats from cybercriminals, old-fashioned fraudsters, and potentially litigious payors, patients, and partners. They must also meet ever-evolving regulatory compliance rules. Obligations may be redundant, misaligned, or seemingly contradictory.
You can’t protect your practice or your patients if you don’t understand the threats, and you can’t improve if you don’t know where you stand now. Don’t rely on a checklist that could be outdated, incomplete, or irrelevant. Don’t be the practice that finds out it wasn’t meeting its cybersecurity insurer’s standards only when a claim is denied.
HIPAA, CMS, HITECH
Cover the foundations of compliance for covered entities, delegates, and vendors.
We can help you evaluate and remediate potential compliance gaps, document your compliance, and stand up an effective compliance program.
HIPAA Omnibus Act Compliance
HIPAA Privacy Rule
HIPAA Security Rule
Breach Notification and Response
CMS Compliance
FDR and Vendor Compliance
Training
Cybersecurity
You’ve seen the warnings from law enforcement, State and Federal agencies, industry associations, and the national news: cybercriminals target healthcare providers and practices.
The best defense starts with understanding your assets, threats, and potential mitigation. We partner with leading MSPs and IT security experts to deliver actionable, relevant assessments.
Vulnerability Scanning
Penetration Testing (Ethical Hacking)
Regulatory Compliance Audits
MSP and Vendor Management
Business Continuity/Disaster Recovery
SOC, ISO, and Audit
Effective and well-documented audits can help you demonstrate your due diligence. This could be the key to qualifying for a safe harbor consideration or for filing a cybersecurity insurance claim.
We can help you design and perform internal audits, respond to external audit requests, and implement an audit program. We also partner with experienced CPA firms to perform and deliver SOC reports.
SOC Reports
Attestation Letters
Record Reviews
Audit Prep and Assistance