HIPAA Compliance Certification Program

Meet the HIPAA Requirements with Year-round Compliance

Staying HIPAA compliant while abiding by state laws is a complex and time-consuming process. Furthermore, this annual drill adds more work to an already busy IT organization.

Avertium’s HIPAA Certification Program (HCP) is designed to meet the needs of compliance and IT executives alike. HCP benefits all companies that process and manage patient health information by providing a cost-effective way to stay on top of the HIPAA Security, Privacy and Breach Notification Rules throughout the year.


Service Brief

Who Must Be HIPAA Compliant?

Congress mandated the establishment of Federal standards to ensure the confidentiality and the privacy of protected health information (PHI). The comprehensive controls enforced by the Office of Civil Rights apply to the following types of organizations:

  • Hardware, software, application providers, data management, technical support and consulting services, etc.
  • Healthcare insurance carriers and employer self-insured plans that use a 3rd party administrator
  • Hospitals, medical groups, ambulatory facilities, long-term facilities
  • Pharmaceuticals, biotech, medical devices and non-allopathic treatments

The Department of Health and Human Services maintains the HHS Wall of Shame website that posts all HIPAA data breaches affecting more than 500 individuals per breach. A breach can cost an organization not only in penalties and fines, but also damage to its reputation and customer confidence.

Collaborative Approach

We go beyond providing the initial risk assessment of technical and non-technical safeguards and developing the corresponding remediation plan. Our experts also work with you to translate federal and state mandates that are relevant to your business.

Avertium’s HCP customers receive quarterly updates that keep them abreast of guidance from the Office of Civil Rights, which administers HIPAA, as well as HIPAA changes, the latest technology trends and industry best practices.

“Avertium helped us stay on track with all of our assessments. The important part has been the regular touch points to make sure we are making progress and it’s not just that we have the assessment and it’s over.”

Heather Burdine, Director of Operations and HIPAA Compliance Officer

Avertium Trustmark

All Avertium HIPAA Certification Program customers receive one of three designations — Certified, Validated and Assessed — and are provided the corresponding Avertium trustmark. This certifies your organization has been independently evaluated by the Avertium healthcare consulting team.

HIPAA Certification Program Trustmark
  • Use of the Avertium HCP trustmark
  • Template attestation language for business associate agreements
  • Framed certificate for on-premises display
  • Certification letter that can be sent to business associates and covered entities
  • Program Usage Guide that explains certification and trustmark application
  • Acknowledgement on Avertium.com

HIPAA Risk Assessment Service

  • Identifies and documents your areas of risk associated with the creation, storage, transmission, and processing of ePHI in accordance with the HIPAA Privacy, Security, and Breach Notification Rules.
  • Analyzes the use of administrative, physical, and technical controls to eliminate or manage vulnerabilities that could be exploited by internal or external threats.

HIPAA Gap Analysis Service

  • Compares the HIPAA rule requirements against your organization’s controls to identify and report gaps between your policies, procedures, systems, and applications.
  • Used to create recommendations to assist with the remediation efforts required to reduce gaps and achieve HIPAA compliance.

HIPAA Roadmap to Security Compliance

  • Lays out a clear plan for fulfilling your HIPAA compliance requirements.
  • The initial RSC is considered a working document, developed in partnership with you, to build a plan with prioritized HIPAA remediation tasks, task assignments, timelines, and estimated budgets.

Quarterly Touchpoints

  • Provide regular guidance and accountability in your path to compliance
  • Keep the momentum going by assessing progress regarding your HIPAA Roadmap

Complementary Security Services

As the leading provider of accessible managed security and security consulting services to the midmarket and enterprise, we offer a comprehensive array of solutions that enable organizations in the healthcare sector to increase their security posture. Popular services include:

  • Managed Security Services
  • Monitoring and Logging
  • Vulnerability Scanning 
  • Penetration Testing
  • HIPAA Security Awareness Training
  • Data Mapping and Classification
  • Sensitive Data Discovery Scanning

Ready to win the HIPAA compliance challenge?
