HIPAA-Consultants.com

HIPAA Audits

"Safe Harbor"

A 2020 amendment to the US HITECH Act included an infosec “safe harbor” for HIPAA. While it is not truly a “safe harbor”, the HITECH Act amendment allows the US government to reduce penalties and reduce audit times when a recognized framework is adopted and implemented.


While the HITECH Act amendment specifically mentions NIST, ISO/IEC frameworks also satisfy the safe harbor requirements as “other available” options.

Commonly Used Frameworks and Standards

We support the following commonly used frameworks in the HIPAA compliance environment: 

  • The NIST CSF for information security.
  • NIST Appendix J for privacy.
  • ISO/IEC 27001 for information security (an international standard).
  • ISO/IEC 27701 for privacy (an international standard).
  • NIST 800-53 for information security.
  • HHS/OCR audit standards.


Frameworks are often combined to address the full spectrum of an organization's potential risks.


HIPAA-Consultants.com - All Rights Reserved.

HIPAA-Consultants.com corporation at PO Box 205, Marble Hill, GA 30148

 Office: +1.3052535932 and Mobile: +1.3053088729 
