HIPAA/HITRUST Compliance Program Implementation

HIPAA
HITRUST
COMPLIANCE
HEALTHCARE
RISK ASSESSMENT
PYTHON

MAY 10, 2023

Led the development and implementation of a HIPAA/HITRUST CSF compliance program tailored for healthcare-related payment systems within a large retail environment.

Conducted thorough risk assessments based on HIPAA Security Rule requirements and HITRUST controls, identifying critical gaps in PHI protection.

Developed and implemented administrative, physical, and technical safeguards, including access controls, data encryption policies, and incident response plans.

Managed the evidence collection process using automated Python scripts and GRC tools, preparing the organization for successful HITRUST certification and HIPAA audits.

Key Outcomes

  • Achieved 100% compliance for healthcare payment systems across 500+ retail locations.
  • Successfully prepared for and passed HITRUST certification audit.
  • Reduced PHI-related security incidents by 80% through enhanced controls.
  • Improved audit readiness by 40% through automated evidence collection.

Technologies Used

HITRUST CSF
HIPAA Security Rule
Python
AWS Security Hub
LogicGate
RSA Archer