HIPAA Audit

Are you a covered entity or business associate who uses protected health information (PHI) to provide services to the public? The Health Insurance Portability and Accountability Act (HIPAA) sets a national standard for the protection of consumers’ PHI by mandating risk management best practices and physical, administrative, and technical safeguards. HIPAA was established to provide greater transparency for individuals whose information may be at risk, and the Department of Health and Human Services’ Office for Civil Rights (OCR) enforces compliance with the HIPAA Privacy, Security, and Breach Notification Rules.

HIPAA Audit

Why Work With KirkpatrickPrice?

Protecting an asset as valuable as PHI can be a challenging responsibility, but when you partner with KirkpatrickPrice, it doesn’t have to be. We offer assessments on compliance with the HIPAA Security Rule and Privacy Rule, as well as risk analyses, gap analyses, policy development, business associate compliance management, and consulting services. Your organization will also benefit from working with KirkpatrickPrice’s Information Security Auditors, who are senior-level experts, holding certifications like HCISPP, CISSP, and CISA.

Our audit delivery tool, the Online Audit Manager, streamlines the audit process, helps reduce the complexity of compliance efforts, and gives our clients the ability to combine multiple audit frameworks into one audit. We’ve spent over a decade honing this process so that clients can complete one audit process while receiving multiple reports.

Connect with us today to understand the time it takes to complete a HIPAA audit, the cost of receiving a HIPAA report, and take part in a free demo of the Online Audit Manager.

HIPAA Compliance FAQs

How much does a HIPAA audit cost?

Pricing for a HIPAA audit depends on scoping factors, including what type of audit you need, physical locations, third parties, and if the audit is combined with any others. Pricing will also vary with the inclusion of a gap analysis or additional remediation time.

How long does a HIPAA audit take to complete?

The average HIPAA audit, using KirkpatrickPrice’s process, is completed in 12 weeks. The engagement begins with scoping procedures, then moves into an onsite visit, evidence review, report writing, and concludes with the report delivery. This timeline is extended when a gap analysis must be performed or when remediation takes longer than expected.

What do I receive when my HIPAA audit is complete?

A HIPAA audit culminates in a HIPAA report. The components and formatting of HIPAA reports delivered by KirkpatrickPrice are written by our in-house Professional Writing team and written based off of CERT/CC, the SANS Institute, and NIST standards. Organizations can provide their HIPAA report to outside parties to show independent third-party verification regarding the fairness and suitability of their information security management, controls, and practices that protect PHI.

How long is a HIPAA audit report valid?

The opinion stated in a HIPAA audit report is valid for twelve months following the date that the report was issued.

How often does a HIPAA audit need to be performed?

Industry standard is to schedule a HIPAA audit to be performed annually or when significant changes are made that will impact the control environment. Any frequency less than that will demonstrate a lack of commitment to compliance, plus it may cause distrust in the service organization’s systems.

Click for More HIPAA FAQs

Who must become HIPAA compliant?

How can I prepare for a HIPAA audit?

What is a HIPAA risk analysis?

What is a business associate?

What’s the difference between HIPAA and HITRUST?

How Can HIPAA Compliance Benefit Your Organization?

HIPAA compliance affirms the security of your services and gives your organization the ability to provide clients and regulators evidence from an auditor who has actually seen your internal controls in place and operating. HIPAA compliance can help your organization maintain loyal clients and attract new ones, operate more efficiently, avoid fines for non-compliance or from breaches, and most importantly: assure clients that their PHI is protected.

HIPAA Compliance Report

HIPAA Resources

What is a HIPAA compliance audit? How does HIPAA apply to your business and what must you do to ensure HIPAA compliance? We’re here to help you throughout your compliance journey, from start to finish. Check out our free resources all about HIPAA compliance.

VIEW ALL HIPAA RESOURCES