Program Evaluation

Strategic Management’s experience and understanding of health care privacy and security, including HIPAA, HITECH, GDPR and FERPA, concentrates on incorporating the regulatory compliance requirements into an existing organizational strategy and compliance infrastructure. Strategic Management’s team of consultants are certified health care privacy and security professionals that work directly with health care organizations to evaluate their privacy and security programs.

HIPAA Compliance Services

Strategic Management evaluates a health care organization’s compliance with the HIPAA Privacy and Security Rules requirements, as well as its overall data security and privacy posture. Our HIPAA program evaluations serve as an effective tool to identify gaps and weaknesses in an organization’s internal controls and to provide valuable insight into risks that have otherwise been concealed or overlooked by internal reviews. During a HIPAA program evaluation, Strategic Management will analyze and evaluate, both quantitatively and qualitatively, an organization’s systems and controls with respect to each HIPAA requirement.

Program Risk Remediation

When program deficiencies and opportunities are identified, Strategic Management conducts an impact/probability analysis to prioritize the highest risk areas for remediation. A risk remediation work plan will then be developed that outlines and assesses the strength of the internal controls and systems for each area, with suggestions for remediation. Strategic Management has also developed compliance tools, including policies and procedures, training, tracking processes and breach preparedness to facilitate HIPAA compliance efforts.