Automated data collection | Policies & Procedures | Risk Analysis & Management Plan | Evidence of HIPAA compliance | Built to meet auditor requirements

it security word cloud


More than 700,000 hospitals, emergency medical clinics, dental offices, nursing homes and other health-related entities are required by law to have a specialized IT risk assessment performed to satisfy the requirements of HIPAA – The Health Insurance Portability and Accountability Act.

So, too, are an estimated 2 million other companies that do business with these entities, including shredding companies, documents storage companies, attorneys, accountants, collections agencies, and many others. Many of these companies and organizations are not even aware of this legal requirement!

Leon Rodriguez, former director of the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services, was responsible for enforcing HIPAA and HITECH. When asked where do organizations suffer the most audit failures, Rodriguez commented in the “failure to perform a comprehensive, thorough risk analysis and then to apply the results of that analysis.”

Let Cinch IT make your technology a “CINCH”!

Enjoy peace of mind

trusting your technology to our expert team of IT professionals.

Seize more opportunities

with user-friendly technology that works.

Increase billable hours

consistent IT support yields more up-time.

Take the guesswork out of budgeting

with the convenience of our flat- rate IT plan.


One of the most challenging aspects of performing a valid comprehensive HIPAA Assessment is gathering and organizing the vast amount of data that must be collected from a variety of sources. Cinch IT can makes this easy by giving you a central repository to safely and securely collect the information. We will start by conducting a “Site Interview” to obtain the answers to a series of pre-established questions.

Next, we will conduct an On-Site Survey to personally observe the environment, take photographs and check on a wide range of security policies. There’s no guesswork here.

While we are conducting your On-Site Survey, we’ll also run a non-invasive Local HIPAA scanner on each PC in the office. Additionally, we’ll run an External Vulnerability Scan.


Once we’ve gathered the initial data we will work with you to complete three worksheets – a User Identification Worksheet, a Computer Identification Worksheet, and a Share Identification Worksheet. The data from these worksheets will be automatically cross-correlated with the data collected by the data collector to ensure there are no anomalies.


At this point in the process we will generate a Security Exception Worksheet, which will list issues that have been identified. All of the information gathered is ready to be crunched, analyzed and organized into a set of official HIPAA Compliance reports and documents.

compliant ball in a pyramid of balls marked non-compliance to illustrate targeting actions t
Cinch IT Account Manager

Contact Us Today

[recaptcha size:compact]
Powered by Cinch IT, Inc.
Copyrights © 2004- 2018 Cinch IT, Inc.