HIPAA & OCR COMPLIANCE

Security & Privacy Policy and Procedure Development

Security & Privacy Policy and Procedure Development

Are your security and privacy policies and procedures complete and current?

Would they stand up to an OCR audit?

Are you confident that your policies are comprehensive and inclusive of security standards and regulations like HIPAA, NIST and HITRUST?

Meditology maintains a comprehensive set of healthcare-specific security and privacy policy and procedure templates aligned with the latest regulatory requirements. We customize this master set to align with your specific organization size and structure to support regulatory compliance and robust security controls that are appropriate for your unique business.

We have worked with hundreds of industry leading healthcare clients over a decade to review, assess, and develop security policies and procedures. Our policy and procedure development support services accelerate HITRUST CSF and SOC 2 certifications and reduces time and costs for your organization.

WHAT SETS MEDITOLOGY APART

  • Ranked #1 Best in KLAS for Cybersecurity Advisory Services in 2019 and 2020
  • Dedicated to healthcare
  • HITRUST Certified Assessor Organization
  • Over a decade of policy and procedure development experience and examples for leading practices
  • NIST & FISMA policy development and compliance experts
  • HIPAA expert witness firm for OCR
  • Experienced CISOs and Privacy Officers that understand operational implementation of policies and procedures

RELATED RESOURCES

Webinar
Private: Proposed Modifications to the HIPAA Privacy Rule: Key Points & Lessons Learned From History
Watch the Replay
Webinar
Private: HIPAA Risk Analysis Fundamentals: Industry Tested, OCR Approved
Watch the Replay
Blog Post
Private: Healthcare CISOs Sound Off, Volume 3: HIPAA Compliance and Risk Management
Read
Infographic
When It Rains, It Pours: Healthcare Ranks #1 in Breach Costs
View
View All Resources
 
Quote Icon

Dartmouth-Hitchcock has partnered with Meditology Services since 2012.

Over that period of time, they have helped with multiple projects, both large and small, repeatedly delivering as promised. We have come to trust their insights regarding regulatory issues and their vast experience of the healthcare industry when developing security policies, strategies and budgets. We regularly use their ethical hacking skills to test the effectiveness of our security program.  In summary, they have earned our trust and become an integral part of our security toolset.

Peter Merrill

Director of Information Systems, Dartmouth-Hitchcock Medical Center

View All Testimonials
 
Quote Icon

Meditology came to us recommended by our members and is well-respected in its service community.

As a health information exchange (HIE), we are a highly customer-focused organization – and we recognize this same orientation in a consulting partner. Meditology came to us recommended by our members and well-respected in its service community. They were readily able to evaluate our policy and security framework, and identify areas of key focus. We particularly appreciated their knowledge around HIPAA and our statewide HIE. With their help, we created an entire array of organizational policies. Meditology also conducted a security assessment that demonstrated we had appropriate safeguards in place for robust exchange. This has helped assure our member hospital/health systems, healthcare insurers, and ambulatory practices. Naturally, the effort has had an important influence on our service procedures. We look forward to continued work with Meditology for our consulting and ongoing risk-assessment needs.

Daniel Wilt

Senior Director of Information Technology and Chief Information Security Officer, HealthShare Exchange of Southeastern Pennsylvania

View All Testimonials