NIST Policies

Trying to do an official certified NIST risk assessment from HIPAA policies written in the past is like translating hieroglyphics into English. It can be done if you have enough time and money, but why bother?

Our goal is to simplify complex processes. Editing and adopting NIST policies leads directly to quarterly NIST CSF risk assessments with no more effort on your part.

The NIST CSF contains 139 safeguards that must be addressed in order to be HIPAA compliant. Policy templates written to this specification and edited to fit the organization assure that your compliance efforts are applied in an efficient manner.

On a quarterly basis we pull the editing data from your site and update your NIST risk assessment. We then send a package of reports including a progress report and gap analysis.

Updated policies, a current risk assessment, and documented training completes the cycle of compliance and assures that you are HIPAA compliant on an on-going basis.