HIPAA POP QUIZ

Are You Prepared for a HIPAA Audit?

The HIPAA Privacy Rule can be very confusing. If your health organization isn’t compliant, you could face penalties ranging from a simple warning to the loss of your license to practice medicine.

Take our HIPAA POP QUIZ to see just how prepared you are (or aren’t).

Note: Your privacy is very important to us. To better serve you, the form information you enter is recorded in real time.

Please fill out this form. Once you complete the quiz, we’ll forward your results. (All your information will remain strictly confidential.)
1. Has your healthcare organization undergone a HIPAA Risk Analysis or Vulnerability Assessment to determine the safety of your data?
2. Have you trained your employees in HIPAA Security Awareness, including:
  • Protection from malicious software
  • Log-in Monitoring
  • Security Reminders
  • Password Management
3. Do you encrypt your data in transit and at rest? Are your laptops and other portable devices encrypted for complete security?
4. Do you regularly update your operating systems and security patches for all your IT solutions and computer devices?
5. Do your passwords contain more than eight characters, including numbers, uppercase and lowercase letters, and symbols?
6. Do those who have access to EMR/ePHI/PII information use unique user IDs?
7. Are HIPAA-compliant password management settings enabled in your EMR/ePHI/PII systems and RIS/PACS?
8. Do you and your employees change your passwords every 180 days?
9. Do you conduct Penetration Testing on your Internet-facing applications at least once a year?
10. Is up-to-date anti-virus software installed on all your servers, workstations and computer devices?
11. Do you periodically access the logs for all your EMR/ePHI/PII records?
12. Do you have a policy in place for sanctions for employees who violate your security or HIPAA-related procedures (e.g., termination, leave of absence)?
13. Do you have a policy in place to safely dispose of your computer equipment and data?
14. Do you monitor log-in attempts to detect brute-force attacks?
15. Are next-generation firewalls in place to prevent malware from entering your system?