HIPAA One Raises Standard of Cybersecurity Controls Exclusively to Subscribers

Share Article

A new set of HIPAA One security risk analysis questions now available.

These new cybersecurity questions elevate the standard of security satisfying the most-stringent security certifications while maintaining HIPAA compliance.

HIPAA One today announced a new set of HIPAA One Security risk analysis questions available exclusively to HIPAA One subscribers. These new questions come ahead of the new 42 CFR Part 2 coverage and updates to the final reporting engine coming later in Q4 2019.

Delivering on the promise of reducing the likelihood of breaches, HIPAA One’s new cybersecurity questions elevate the standard of security satisfying the most-stringent security certifications while maintaining HIPAA compliance.

“When we launched HIPAA One’s software platform, the goal was to simplify and reduce administrative burden in conducting and maintaining a HIPAA SRA by at least 80%,” said Steven Marco, President and CEO of HIPAA One. “Today we see gaps between the SRA and ever-evolving cybersecurity threats facing healthcare. Common-sense dictated leveraging HIPAA’s safeguards to evolve new standards for healthcare and its business associates. Now, subscribers can take advantage of this new functionality without any increase in fees while reducing cybersecurity risk to their organizations.”

New cybersecurity questions and supplied policies and procedures directly address:

•Data Classification and Data Loss Prevention 164.312(b)

•Systems Development Lifecycle (for business associates and in-house software development) 164.308(a)(8)

•Mobile Device Management & Mandatory Policy for BYOD (Bring your own Devices) 164.308(a)(5)(ii)(D), 164.310(d)(2)(ii), 164.312(a)(2)(iv)

•Change Management process as part of security evaluations 164.308(a)(8)

•Replacing weak passwords with passphrases or Multi-Factor Authentication (MFA) 164.312(d)

•Using the recently upgraded (and included) Vendor Management Solution (VMS) app, optionally requiring Business Associates provide evidence to satisfy the security requirements of a Covered Entity prior to providing the BAA contract for signing 164.308(b)(1), 164.308(b)(3).

These features are following the recently released Vendor Management Solution (VMS) that integrates business associate agreements into a streamlined, automated contract management system.

Visit https://www.hipaaone.com to learn more about our software and solutions.


HIPAA One is a simple, automated and affordable HIPAA compliance software solution. The HIPAA One suite allows healthcare providers, payers and business associates of all sizes to focus on their important objectives: core competencies, improving compliance and reducing operating costs. Designed for auditors seeking advanced functionality, partners and office managers alike, the software scales from the single-doc practice to enterprise organizations needing to simplify complex problems, provide macro-analytics and "always current" HIPAA controls. To learn more about HIPAA One® visit http://www.hipaaone.com.

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Sierra Butterfield
+1 (801) 770-1199
Email >
Follow >
Visit website