HIPAA compliance

Data security and privacy solutions for health care organizations

Maintaining compliance with the Health Insurance Portability and Accountability Act (HIPAA) is more important than ever

The provisions affecting covered entities and business associates are wide-ranging, and the penalties and associated organizational costs for noncompliance with HIPAA requirements can quickly escalate to millions of dollars. Media reports of security and privacy breaches can also be devastating, undermining the trust of your patients, employees, vendors and business associates. This is why monitoring your HIPAA compliance through assessments is so critical.

Additionally, information security protections and HIPAA compliance are required for participation in various federal and state payment or care improvement programs.

Whether you’re applying for federal or state funds, concerned about the effectiveness of your HIPAA compliance program, or looking for assistance to complete your technical and non-technical periodic reviews, RSM has the experience and methodologies to assist your organization.

Questions to ask about HIPAA compliance

With so much riding on your HIPAA compliance program, it’s imperative to ask some questions when considering if an assessment is needed. These include:

  • Are you certain your HIPAA compliance program can withstand regulatory scrutiny, including a Health and Human Resources Office of Civil Rights (OCR) audit?
  • If you're pursuing state or federal funds, is your program or associated implementation projects progressing as expected?
  • Was your most recent HIPAA assessment conducted in the last year?
  • Did your HIPAA assessment cover both security and privacy?
  • Have you completed an assessment to address all elements of the security and privacy rules, for all locations and operations?

Are you on the right track or do you need to change course?

Regulatory compliance is challenging for most organizations. Whether you're short of staff or simply don't have the resources with the appropriate knowledge and experience, RSM can help you develop the policies, procedures and processes you need to achieve and maintain HIPAA compliance.

Often, clients tell us they simply want to know what they don't know. If that sounds familiar, an RSM HIPAA readiness review or compliance assessment will give you a clear indication of how compliant you are now, along with the specific actions required to change course.


RSM consultants assist organizations with the following HIPAA compliance-related services:

We determine how ready your organization is to comply with existing regulations, including reviewing documentation, interviewing selected managers and making general observations.
