• Skip to primary navigation
  • Skip to main content
  • Skip to footer
ControlCase No Tag LOGO md

ControlCase

IT Certifications, Continuous Compliance and Cybersecurity Services Provider

  • Company
    • About Us
    • Careers
    • Locations
    • Team
  • Industries
    • Business Process Outsourcing
    • Cloud Service Providers
    • Retail
    • Telecom | Entertainment
    • Managed Service Providers
  • Certifications
    • PCI DSS Certification
    • CSA STAR Certification
    • GDPR Assessment
    • HIPAA Assessment
    • HITRUST Certification
    • ISO 27001 Certification
    • FedRAMP 3PAO Services and NIST 800-53
    • CMMC Compliance: NIST 800-171
    • MARS-E Assessment
    • PCI SSF
    • P2PE Certification
    • SOC2 Report
  • Solutions
    • Continuous Compliance Solution
    • One Audit
    • Card Data Discovery Software
    • Data Security Rating
  • Testing
    • Application Reviews
    • Application Security Training
    • Code Reviews
    • Card Data Discovery
    • External Vulnerability Scans
    • Firewall Security Reviews
    • Internal Vulnerability Scans
    • Log Monitoring
    • Penetration Testing
  • Resources
    • Events
    • News
    • Webinars
    • Courses
    • Newsletters
    • Blog
    • Tools
  • Contact Us

HIPAA / HITECH Compliance

You are here: Home / Blog / HIPAA / HITECH Compliance

What is PHI
– PHI stands for Personal Health Information.
– Refers to health information that can be tied to an individual.
– When personal health information is combined with any of the following eighteen identifiers, it is considered PHI.

Healthcare Compliance Drivers
1. HIPAA – Federal regulation requiring protection of Protected Health Information
2. HITRUST – Common Security Framework is used to assess security around PHI or other sensitive data.
3. Customer Requirements – Covered entity or other customer requires validation of security controls through their vendor management program.
4. Internal Audit – Internal directive requiring validation of security controls against an industry-accepted security framework.

About HIPAA
The Health Insurance Portability and Accountability Act (HIPAA) and subsequent Health Information Technology for Economic and Clinical Health (HITECH) Act defines policies, procedures, and processes that are required for companies that store, process, or handle electronic protected health information (ePHI). A HIPAA / HITECH attestation report demonstrates that an organization has implemented safeguards to protect sensitive ePHI. HIPAA establishes administrative, physical, technical, security and privacy standards that apply to both healthcare providers and business associates.

ControlCase Solution
ControlCase’s HIPAA compliance methodology is derived from industry (based on ISO 27001 and 27002) standards and has evolved over time to represent the collective experience of ControlCase’ s security professionals’ worldwide in the changing security landscape. The focus of our assessment targets specific security elements that are defined, developed and implemented as part of an organization’s security program.

For more information click here

Or Contact Us to schedule a demo of our solution

Related Blog

Importance of building a culture of security and compliance within your organization
How ControlCase’s “OneAudit” and “Continuous Compliance” Solutions Support Clients
One Audit – Concept to Reality – The path forward
How to Manage PCI DSS Compliance Using Zero Trust Principles.
The PCI DSS provides guidelines for securely processing, storing or transmitting payment card data. It aims to protect organizations and their customers against payment card fraud and is made up of 12 requirements or control objectives that comprehensively protect the payments ecosystem.
"One Audit" for IT Security Compliance Explained!
The One Audit solution provides the ability for organizations to perform a single audit and certify/comply with multiple regulations including but not limited to PCI DSS, ISO 27001, BITS FISAP, HIPAA, SOC 1/2/3, and FISMA NIST 800-53.
About the PCI Software Security Framework
The PCI Secure SLC Standard provides a baseline of requirements with corresponding assessment procedures and guidance to help payment software vendors design, develop, and maintain secure payment software throughout the software lifecycle. Enabling organizations to build more secure payment software.

About Us

ControlCase is a global provider of certification, cybersecurity, and continuous compliance services. ControlCase is committed to empowering organizations to develop and deploy strategic information security and compliance programs that are simplified, cost-effective, and comprehensive in both on-premise and cloud environments.
ControlCase offers certifications and a broad spectrum of cyber security services that meet the needs of companies required to certify to PCI DSS, HITRUST, SOC2, CMMC, ISO 27001, PCI PIN, PCI P2PE, PCI TSP, PCI SSF, CSA STAR, HIPAA, GDPR, SWIFT, and FedRAMP.

  • Facebook
  • LinkedIn
  • Twitter
  • YouTube

Footer

Connect

Corporate Headquarters
Fifty West Corporate Center
3975 Fair Ridge Drive, Suite D T25s, Fairfax, VA 22033

Send us a message

Call Us

About Us

ControlCase is a United States based company, headquartered in Fairfax, Virginia with locations in North America, Europe, Latin America, Asia/Pacific and the Middle East to serve our clients globally.

Quick Links

  • Company
  • Team
  • Careers
  • Locations
  • Covid-19 Notice

Certifications, Assessments and Reports

  • PCI DSS Certification
  • CSA STAR Certification
  • GDPR Assessment
  • HIPAA Assessment
  • HITRUST Certification
  • ISO 27001 Certification
  • FedRAMP and 3PAO Services
  • MARS-E Assessment
  • PCI SSF
  • P2PE Certification
  • SOC2 Report

© ControlCase LLC 2023 | Privacy Policy | Impartiality Statement | Legal Notices