Do you have a compliance portal wherein you can view your assets, controls, policies, vulnerabilities, and third-party supplier HIPAA compliance?
Does your current system alert you on renewing BAA with third-party suppliers?
Have you recently completed a security risk assessment and business continuity plan?
Do you have the ability to assess and mitigate vulnerabilities on all of the assets connected to your network (Wired / Wireless) including medical devices?
Do you monitor your policies and procedures with audit log-on changes?
Do you have a tool to monitor electronic PHI (ePHI) in your network endpoints and encrypt select files and traffic if it contains or transmits ePHI?