Why Work With KirkpatrickPrice?
Protecting an asset as valuable as PHI can be a challenging responsibility, but when you partner with KirkpatrickPrice, it doesn’t have to be. We offer assessments on compliance with the HIPAA Security Rule and Privacy Rule, as well as risk analyses, gap analyses, policy development, business associate compliance management, and consulting services. Your organization will also benefit from working with KirkpatrickPrice’s Information Security Auditors, who are senior-level experts, holding certifications like HCISPP, CISSP, and CISA.
Our audit delivery tool, the Online Audit Manager, streamlines the audit process, helps reduce the complexity of compliance efforts, and gives our clients the ability to combine multiple audit frameworks into one audit. We’ve spent over a decade honing this process so that clients can complete one audit process while receiving multiple reports.
Connect with us today to understand the time it takes to complete a HIPAA audit, the cost of receiving a HIPAA report, and take part in a free demo of the Online Audit Manager.
HIPAA Compliance FAQs
How much does a HIPAA audit cost?
Pricing for a HIPAA audit depends on scoping factors, including what type of audit you need, physical locations, third parties, and if the audit is combined with any others. Pricing will also vary with the inclusion of a gap analysis or additional remediation time.
How long does a HIPAA audit take to complete?
The average HIPAA audit, using KirkpatrickPrice’s process, is completed in 12 weeks. The engagement begins with scoping procedures, then moves into an onsite visit, evidence review, report writing, and concludes with the report delivery. This timeline is extended when a gap analysis must be performed or when remediation takes longer than expected.
What do I receive when my HIPAA audit is complete?
A HIPAA audit culminates in a HIPAA report. The components and formatting of HIPAA reports delivered by KirkpatrickPrice are written by our in-house Professional Writing team and written based off of CERT/CC, the SANS Institute, and NIST standards. Organizations can provide their HIPAA report to outside parties to show independent third-party verification regarding the fairness and suitability of their information security management, controls, and practices that protect PHI.
How long is a HIPAA audit report valid?
The opinion stated in a HIPAA audit report is valid for twelve months following the date that the report was issued.
How often does a HIPAA audit need to be performed?
Industry standard is to schedule a HIPAA audit to be performed annually or when significant changes are made that will impact the control environment. Any frequency less than that will demonstrate a lack of commitment to compliance, plus it may cause distrust in the service organization’s systems.