Skip to content

CynergisTek Celebrates Record First Quarter

52% Revenue Growth Due to Increased Demand for Compliance Solutions

cynergistek Clean Transparent-CMYK

CynergisTek announced that it has achieved a record first quarter in 2014 for revenue, with a 52 percent increase over the same period in 2013. The company attributes growth to increased demand for expert guidance and turnkey compliance solutions that address today’s complex regulatory environment.

To meet this demand, CynergisTek has expanded its staff by 20 percent in the first three months of 2014, with plans to bring on even more new hires in the second quarter of this year. CynergisTek also plans to expand its audit, privacy and security offerings to support the company’s continued investment in providing the most effective, ongoing compliance management services to its customers.

Read more

ONC & OCR Release Risk Assessment Tool

New HIPAA Security Risk Assessment Tool Is Designed For Small Providers & Business Associates

By David Holtzman

HHS logo

A new security risk assessment (SRA) tool has been developed by the Department of Health & Human Services Office of the National Coordinator for Health IT (ONC) and the Office for Civil Rights (OCR). The tool is designed to help small and medium size health providers and business associates practices conduct and document a risk assessment in a thorough, organized fashion at their own pace by allowing them to assess the information security risks in their organizations under the Health Insurance Portability and Accountability Act (HIPAA) Security Rule.

Read more

OCR Audits To Resume

Department of Health and Human Services

A lot of conversations about OCR resuming a random audit program started at HIMSS14 Annual Conference & Exhibition after Susan McAndrew, deputy director of OCR, presented “HIPAA Compliance: Stepping It Up In 2014″. OCR has made a lot of progress to initiate the program and will expand it to include covered entities and business associates. Based on recent discussions with OCR, audits can start as early as April even though the permanent audit program is not anticipated to begin until October, FY 2015.

Read more

How Would You Perform In an OCR Audit?

The Office for Civil Rights (OCR) piloted a random audit program to measure compliance with HIPAA Rules and will rollout the program later this year. During the pilot program, many organizations struggled to demonstrate compliance and the biggest reasons heard were, “unaware of the requirement” and “incomplete implementation”.* OCR found that only 11% of the selected entities did not have any findings or observations of non-compliance.All of OCRs findings and observations prove how important it is to periodically and thoroughly review your security program to ensure compliance with HIPAA rules, especially now that the Omnibus Rule was passed. It is important, necessary and the right thing to do. CynergisTek offers several solutions and workshops to help organizations improve their security programs. All of our services can prepare and help your organization demonstrate compliance if ever selected for a random audit.

Findings by HIPAA Rules

Privacy Rule Findings

Image1 Image2
60% of the violations fell under the HIPAA Security Rule. OCR reported that most didn’t have a thorough risk assessment (as required by the Security Rule). CynergisTek offers many services, including a third-party risk assessment, to help improve the integrity of your security program.

Click here to learn more about our OCR Audit Services.

Nearly half of the findings under the Privacy Rule fell under policy and procedures. Organizations need to regularly evaluate their privacy program to ensure compliance. CynergisTek can assess the current state of your privacy program and address any gaps that are identified.

Click here to learn more about our Privacy Assessment.


* U.S. Department of Health and Human Services, Office for Civil Rights. HIPAA Privacy, Security and Breach Notification Audits – Program Overview & Initial Analysis. April 2013.
%d bloggers like this: