Health Insurance Portability and Accountability Act (HIPAA) Compliance Consultant - Request for Qualifications

Understand CSCPBC’s business, review its covered entity status and how HIPAA and HITECH apply to its activities; Work with CSCPBC on identifying what the reasonable requirements are for CSCPBC to remain/be HIPAA compliant; Conduct a HIPAA/HITECH Security Risk Assessment and Compliance Gap Analysis (as defined by HIPAA, including administrative, technical and physical); Review and identify gaps in existing policies and procedures and provide recommendations for changes; Document the need for additional security measures, if any, and the rationale for adopting those measures; Review and update current policies and procedures related to HIPAA Privacy Rules; Ensure the confidentiality, integrity and availability of all e-PHI created, received, maintained and transmitted through thorough understanding of the CSCPBC data systems; Evaluate the likelihood and impact of potential risks to e-PHI; Recommend an internal compliance review process to continue to provide oversight and support for HIPAA compliance and provide methodology for CSC HIPAA Steering Committee to perform its own annual compliance assessment; Identify any training needs and/or training resources for CSCPBC staff; If recommended, provide training - up to 10 hours for a small group of staff (no more than 5).