HIPAA Security Gap Assessment Report
Subscriber Content

This sample report reviews an organization’s compliance with components of the Health Insurance Portability and Accountability Act (HIPAA) Security Final Rule.
Testing involved facilitating a kickoff meeting to ensure that scope expectations were clear and to ensure an appropriate understanding of company operations, key stakeholders and covered entity status; requesting and reviewing the reasonableness of documents that facilitate HIPAA Security compliance practices across the organization; and requesting and reviewing a preliminary inventory of HIPAA security-sensitive applications, data stores and physical media.