HIPAA Compliance
Audit Services

HIPAA Compliance Audits

Our proven methodology and phased approach to HIPAA audits minimize your effort and maximize your results

"*" indicates required fields

Request a complimentary
HIPAA Consultation

Name
*
This field is for validation purposes and should be left unchanged.

What is a HIPAA compliance audit?

Linford & Company provides HIPAA Security and Breach Notification Rule compliance audits that are designed to assess the effectiveness of an organization’s risk management and regulatory compliance. Most audits include the requirements of the HIPAA Security and Breach Notification Rules. Optionally, the scope can be expanded to include the requirements of the HIPAA Privacy Rule, as well as privacy and security laws and regulations. A HIPAA compliance report may be distributed to clients and prospective clients. We also perform HIPAA compliance assessment reports solely for the internal use of management. HIPAA compliance audit reports are issued under attestation standards established by the American Institute of Certified Public Accountants (AICPA) AT-C Section 315, Compliance Attestation.

What is the cost of a HIPAA compliance audit?

A HIPAA compliance audit costs, on average, $8,000 to $25,000, depending on a variety of factors that influence the fee associated with the audit. These factors include the scope of the audit, the services provided by the organization, the number of physical locations that need to be visited, and the size of the organization, among others. We prioritize providing an accurate, specific, and reliable quote before beginning the audit engagement, thereby greatly reducing the risk of increasing fees later on.

Who needs a HIPAA compliance audit?

A HIPAA compliance report is useful to any HIPAA-covered entity or business associate that must demonstrate compliance with the HIPAA requirements. Service organizations or service providers that store ePHI are known as “business associates.” The U.S. Department of Health and Human Services (HHS) states that “the Security Rule applies to health plans, health care clearinghouses, and to any health care provider who transmits health information in electronic form in connection with a transaction for which the Secretary of HHS has adopted standards under HIPAA (the ‘covered entities’) and to their business associates.” By engaging Linford & Company’s services, we can help determine if your organization is a covered entity or a business associate, thereby needing a HIPAA audit.

 

HIPAA Compliance Audit Process

What does a typical audit include?

Most HIPAA compliance audits include the evaluation of the administrative, physical, and technical safeguards as they relate to the electronic protected health information (ePHI) an organization creates, receives, processes, maintains, and/or transmits; as well as the evaluation of the organization’s policies, procedures, and overall readiness to manage a breach of protected health information (PHI) in accordance with the notification requirements.

When are the fees and timeline presented?

Once we understand the needs of your organization, we provide an accurate engagement fee estimate and timeline so you know what to expect and when. In this stage, we also deliver a to-do list as well as a risk and controls matrix (RCM) to expedite the auditing process. We make every effort to meet all reporting deadlines.

How does a HIPAA compliance audit work?

Throughout the audit process, we take the time to understand your service commitments, system requirements, infrastructure, software, data, and support team. Depending on the organization’s circumstances , our auditors will conduct onsite and/or virtual interviews and examinations.

Does a HIPAA compliance audit report provide a legal determination?

A report issued in accordance with the provisions of AT-C Section 315 does not provide a legal determination of an entity’s compliance with specified requirements; however, such a report may be useful to legal counsel or others in making such determinations.

How will the audit affect our workplace environment?

It is our goal to provide the least amount of disruption to an organization’s productivity, while still gathering the important data needed to provide an accurate and complete HIPAA examination.

What are the deliverables?

Once we have completed the examination, our auditors create a thorough and professional report of their findings. Reports are delivered to each organization digitally to expedite the process of sharing the report with clients and others. Our auditors also deliver recommendations to the organization for improving their processes and internal controls, if needed, to further solidify their compliance.

Big 4 IT Auditors

Our highly-experienced auditors simplify complex HIPAA compliance requirements while delivering professional HIPAA Audits in an efficient manner.

Our
Partners

richard rieben linford
ben burkett linford

Our
Partners

richard rieben linford
ben burkett linford

Why Choose Linford & Company LLP?

HIPAA Compliance Audit Specialists

We know exactly how to get you from initial engagement to obtaining a HIPAA compliance report quickly and accurately, improving your internal controls along the way.

Top-notch Service

Determining HIPAA compliance is a rigorous and challenging process, demanding a deep knowledge of technology and regulation. At Linford & Company, we provide an experienced and responsive team with strong HIPAA audit and compliance experience.

Partner Involvement

We take pride in providing a high level of Partner involvement with each audit examination in an effort to further solidify our commitment to quality and efficiency.

Ready for a HIPAA Compliance Assessment?

Fill out the form and we’ll put you in touch with one of our experienced auditors. Your contact information stays with us and is only used to talk with you about your HIPAA compliance audit—we do not sell or share your contact information with anyone.

"*" indicates required fields

Request a complimentary
HIPAA Consultation

Name
*
This field is for validation purposes and should be left unchanged.