
Introducing HIPAA Express: A Risk-Based Assessment Designed Specifically for Healthcare Providers


TAMPA, FL: Schellman, a leading provider of attestation and compliance services, is pleased to announce the introduction of HIPAA Express, a new service offering aimed at reducing the risk of data breaches and ransomware attacks for large healthcare systems and regional healthcare providers.

Having conducted fully detailed HIPAA examinations for business associates over the last 15 years, Schellman has a proven methodology for making that process as efficient and effective as possible. Because of heightened interest among providers that need the same level of expertise, but with a more focused approach at a more modest investment level, Schellman now offers this new right-sized service.

Through this third-party assessment, Schellman can help these organizations protect the considerable amount of sensitive data they maintain, identify evidence of due diligence to comply with HIPAA, and set them up for success in the event of an OCR audit—with the potential to even reduce fines resulting from an OCR breach investigation.

“Healthcare organizations are increasingly being targeted by attackers due to the value of the data in an individual’s health record. The impact of a breach of PHI can be devastating. You might get hit with large fines and you have to deal with the loss of customer confidence,” said Doug Kanney, Schellman Principal, and practice leader of the firm’s HITRUST and HIPAA service lines. “But going through an external assessment focused on compliance with HIPAA is a fantastic way to show due diligence to the OCR and internally helps reduce risk. Plus, you still have coverage over the HIPAA requirements, but at a level that doesn’t make this assessment cost prohibitive.”

With over 90% of OCR enforcement actions calling out an insufficient HIPAA Risk Analysis / Risk Management program, Schellman made this area a focal point of the HIPAA Express assessment. Now that the service is live, the firm is eager to get started with easing anxiety for healthcare providers and systems.

“We are excited to add HIPAA Express to our robust compliance portfolio,” said Avani Desai, Schellman CEO. “This new service offering will assist our clients in meeting the challenge of today’s increased regulations and risk management needed to comply with HIPAA and an OCR audit.”

Schellman’s new offering includes a workshop and meetings with various levels of an organization, as well as a report that details:

  • The summary letter;
  • The scope of the environment;
  • Details around the essential elements of the HIPAA Security Risk Analysis and Risk Management processes;
  • A table showing the compliance status of requirements; and
  • A detailed description of any findings from the assessment. 

The entire HIPAA Express process typically takes one to two weeks, depending on the size of the organization, and costs $15,000 - $30,000 on average. 

About Schellman:

Schellman is a leading global provider of attestation, compliance, and certification services. Operating as an alternative practice structure as Schellman & Company, LLC, a top 100 CPA firm, and Schellman Compliance, LLC, a globally accredited compliance assessment firm, we can offer clients services as a CPA firm, an ISO Certification Body, a PCI Qualified Security Assessor Company, a HITRUST assessor, a FedRAMP 3PAO, and as one of the first CMMC Authorized C3PAOs.

Renowned for expertise tempered by practical experience, Schellman's professionals provide superior client service balanced by steadfast independence. Schellman's approach builds successful, long-term relationships and allows our clients to achieve multiple compliance objectives using a single third-party assessor. For more information, please visit Schellman.com.

About Schellman

Schellman is a leading provider of attestation and compliance services. We are the only company in the world that is a CPA firm, a globally licensed PCI Qualified Security Assessor, an ISO Certification Body, HITRUST CSF Assessor, a FedRAMP 3PAO, and most recently, an APEC Accountability Agent. Renowned for expertise tempered by practical experience, Schellman's professionals provide superior client service balanced by steadfast independence. Our approach builds successful, long-term relationships and allows our clients to achieve multiple compliance objectives through a single third-party assessor.