This sample report reviews an organization’s compliance with components of the Health Insurance Portability and Accountability Act (HIPAA) Security Final Rule.

Testing involved facilitating a kickoff meeting to ensure that scope expectations were clear and to ensure an appropriate understanding of company operations, key stakeholders and covered entity status; requesting and reviewing the reasonableness of documents that facilitate HIPAA Security compliance practices across the organization; and requesting and reviewing a preliminary inventory of HIPAA security-sensitive applications, data stores and physical media.