Datica Blog

Assessment Series: HIPAA Compliance Assessment

Travis Good, MD

Co-founder, CEO & Chief Privacy Officer

June 24, 2015   Company Compliance

HIPAA compliance is an ongoing challenge for healthcare enterprises, so the HIPAA Compliance Assessment was created to help meet the objectives of HIPAA while also providing insights into possibilities for streamlining processes and lowering costs.

With regulations that remain ongoing, convoluted, and potentially counter-intuitive, achieving HIPAA compliance at the federally required level is becoming more difficult in healthcare. Executive liability at the enterprise level calls for an ongoing assessment effort to build a first-class compliance strategy. At a minimum, HIPAA has added complexity to a health insurance system that was already inundated with federal mandates. For example:

  • All departments and service groups that deal with PHI will be scrutinized for HIPAA compliance.
  • Policies relating to HIPAA compliance must be written and documented, employees must be trained on them, and a designated privacy officer must be accountable for managing the enterprise’s HIPAA compliance.
  • Noncompliance penalties have not been fully systematized, but the risk of press coverage and detrimental consumer perceptions cannot be overlooked.

The required HIPAA Compliance Assessment is intended to be brief, concise, and extensive. A complete assessment will include these measures:

  • Recognize the state of readiness for all facets of HIPAA: privacy, security, and transactional
  • Ascertain the areas of greatest risk
  • Facilitate ongoing regulatory compliance
  • Offer insights into efficiency and fiscally effective initiatives

Miss the other two entries in the Assessment Series? Check out the HIPAA Risk Assessment and the HIPAA Security Assessment as well.

