HIPAA/CCPA Compliance
The compliance requirements and scope of privacy and protected health information regulations are quite complex. Arbour Group’s robust methodology and experience can help navigate the compliance requirements of regulations such as the Health Insurance Portability and Accountability Act (HIPAA) and the California Consumer Privacy Act (CCPA). We provide compliance services for customers that are newly in scope for these regulations, as well as companies that need ongoing support for established privacy programs. The types of projects we support include:
- Compliance assessments to identify gaps and recommendations to mitigate the identified gaps.
- Policies and procedures development to support the key areas of Privacy, Security, and Breach Management.
- Identification of in-scope IT systems and data.
- Assessment of controls within IT systems and recommendations to address gaps.
- Development of Risk and Control matrices at the organizational level and the IT system level.
WHAT OUR CLIENTS THINK