Upon completion of your risk assessment and remediation plan, a security policy will be generated for your office based upon the uniqueness of your environment. This policy will contain process and best practice documentation, along with a log of all staff that have completed the security awareness and training program. Each month change logs will reflect staffing changes and training summaries. Steps taken to improve your risk posture will also be captured here.
In addition, your monthly security log summaries generated by our 24/7 monitoring program, and quarterly vulnerability assessment program will be appended.
Together this provides a living document that addresses the HIPAA regulatory requirements and provides you the comprehensive documents that you will need in the event of an audit for State or Federal regulatory authorities.