HIPAA and HITECH health care compliance consulting

Data security and privacy solutions for health care companies

Compliance with the detailed requirements of the Health Insurance Portability and Accountability Act (HIPAA) and Health Information Technology for Economic and Clinical Health (HITECH) Act regulations is a challenging and time-consuming task. These regulations are in place to protect the personal information of patients and compliance is mandatory. However, many organizations are short on staff or simply don't have the resources with the appropriate knowledge to manage the required compliance demands and address data security concerns.

Our services

We use our knowledge of the unique regulatory challenges your organization faces to help you comply with existing guidelines and identify where any security gaps may exist. Our health care data security consultants have extensive experience in evaluating organizational processes to help ensure they are compliant with sufficient controls in place. We deliver data security and privacy solutions to a variety of organizations. Some of our health care compliance consulting services include:

  • Readiness review: We help you determine how ready your organization is to comply with existing regulations, including reviewing documentation, interviewing selected managers and making general observations.
  • Compliance assessment: We initiate an assessment that includes an in-depth review and analysis of policies, procedures and documentation, interviews with staff, and testing existing processes and controls.
  • Risk assessment: We perform an accurate, thorough assessment of compliance with HIPAA/HITECH regulations by comparing potential risks and vulnerabilities to the confidentiality, integrity and availability of protected health information.
  • Policies and procedures update: We assist you in adding to or updating your HIPAA/HITECH policies and procedures based on findings from our readiness review or compliance assessment. Our experienced consultants can also assist in developing and implementing these policies and procedures.
  • Self-assessment training: We utilize industry best practices to train your personnel on how to conduct a HIPAA/HITECH compliance self-assessment. Training can be customized to attendees' experience levels.

Achieve Compliance with the DEA’s EPCS regulations

RSM has developed a compliance assessment approach in response to the Drug Enforcement Agency’s (DEA) Electronic Prescriptions for Controlled Substances (EPCS) regulations.

HIPAA/HITECH – Privacy, Security, and Compliance

Compliance with the Health Insurance Portability and Accountability Act (HIPAA) and Health Information Technology for Economic and Clinical Health (HITECH) Act regulations is a challenging and time-consuming task.

Working with you for compliance with HIPAA/HITECH

HIPAA/HITECH compliance is challenging for most organizations. Whether you’re short on staff or simply don’t have the resources with the appropriate knowledge and expertise, RSM can help.

Most Popular Insights


Leading edge security, risk management in health care: Webcast recap

Get a recap of our health care industry webcast on leading edge security and risk management practices. Measurement and analysis are key.

  • Greg Vetter, Anthony Catalano
  • |
  • October 16, 2018


Welcome to Health Care Security and Privacy Connection

Get key updates on health care industry news and insights related to information privacy, security and compliance.

  • November 03, 2017


Internal audit: Identifying risks within your health care organization

With heightened regulatory requirements and ongoing competition, it's key for your health care organization to evaluate and address risk.

  • June 26, 2017


Enterprise risk management and assessment (webcast recap)

Missed our webcast on enterprise risk management and assessment considerations for health care organizations? Check out this recap.


Beyond HIPAA compliance

Collaboration and alignment between IT audit and IT security helps health care organizations better manage information security risks.

  • Jonathan Dreasler, Adam Keagle, Greg Vetter
  • |
  • June 29, 2016


Revenue integrity webcast series: Part 4 recap

This webcast summary focuses on the importance of corporate compliance effectiveness in health care organizations.

  • May 17, 2016


HIPAA/HITECH critical security measures and best practices

Learn about the importance of improving security breach awareness and proper planning for HIPAA/HITECH compliance.


Implementing proactive data security plan: 3 stages of a data breach

Every business is vulnerable to a potential data breach, and companies must implement proactive strategies to prepare for, and react to, an incident.

  • /content/mcgladrey/en_US/about/profiles/andy-obuchowski
  • |
  • September 05, 2014
Size doesn’t matter: The anatomy of a data breach


Size doesn’t matter: The anatomy of a data breach

You may think you are too small to suffer a data breach. Think again. Hackers target businesses of all sizes and industries, and your data is at risk.

  • August 20, 2014


Health care's big issues in 2014

From mergers to compliance, listen to three webcasts in this series to understand the big challenges, and opportunities, impacting health care.

  • May 22, 2014


Five reasons to re-evaluate your mobile security policy

A detailed look at the items that organizations should include in their mobile device security plans.

  • Loras Even
  • |
  • March 12, 2014


Proactive planning for HIPAA HITECH and IPPS proposed rules for 2014

Join us for a two-part webcast on two critical regulations impacting the health care industry: the HIPAA/HITECH Act and IPPS Regulations and Notices.

  • May 23, 2013
Proactively staying on top of HIPAA HITECH compliance demands


Proactively staying on top of HIPAA HITECH compliance demands

One of the top 50 largest nursing facility companies realized the critical importance of staying ahead of HIPAA/HITECH compliance demands.

  • March 19, 2013

How can we help you?

To discuss how our team can help your business, contact us by phone 800.274.3978 or

Events / Webcasts


Health care industry webcast series

  • August 27, 2020


Preparing your organization for a federal compliance audit

  • August 20, 2020


Health care industry 2019–2020 webcast series

  • April 09, 2020