By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
Health Works CollectiveHealth Works CollectiveHealth Works Collective
  • Health
    • Mental Health
  • Policy and Law
    • Global Healthcare
    • Medical Ethics
  • Medical Innovations
  • News
  • Wellness
  • Tech
Search
© 2023 HealthWorks Collective. All Rights Reserved.
Reading: Who Certifies HIPAA Compliance?
Share
Notification Show More
Font ResizerAa
Health Works CollectiveHealth Works Collective
Font ResizerAa
Search
Follow US
  • About
  • Contact
  • Privacy
© 2023 HealthWorks Collective. All Rights Reserved.
Health Works Collective > Technology > Medical Devices > Who Certifies HIPAA Compliance?
eHealthMedical DevicesMedical InnovationsMedical RecordsMobile HealthPolicy & LawTechnology

Who Certifies HIPAA Compliance?

tswann
tswann
Share
3 Min Read
HIPAA certification
SHARE

Who certifies HIPAA compliance?

The short answer is no one.

HIPAA certificationUnlike PCI, there is no one that can “certify” that an organization is HIPAA compliant. The Office for Civil Rights (OCR) from the Department of Health and Human Services (HHS) is the federal governing body here. And, HHS does not endorse or recognize the “certifications” made by private organizations.

Who certifies HIPAA compliance?

More Read

How is Gaming Changing the Landscape in Health Care? Part 3 | Bill Crounse, MD, Microsoft
Techniques for Matching Patient Record Data Across Disparate EHRs and Other Systems
Is Your Website Keeping Patients Away From Your Medical Practice?
3 Important Rule Changes In Short-Term Health Insurance Plans
The Ripple Effect of the Nursing Shortage on Patient Care and Healthcare Staffing

The short answer is no one.

HIPAA certificationUnlike PCI, there is no one that can “certify” that an organization is HIPAA compliant. The Office for Civil Rights (OCR) from the Department of Health and Human Services (HHS) is the federal governing body here. And, HHS does not endorse or recognize the “certifications” made by private organizations.

There is an evaluation standard in the Security Rule § 164.308(a)(8), and it requires you to perform a periodic technical and non-technical evaluation to make sure that your security policies and procedures meet the security requirements. But, HHS doesn’t care if the evaluation is performed internally or by an external organization.

Having said all that, being evaluated by an independent, third party auditor is still a really good idea. Even though it is not official you should still do it. There are a number of great companies that can help. For example, Coalfire Systems (http://www.coalfire.com) and ComplySmart (http://www.complysmart.com) offer HIPAA Assessments.

Important. Even if you get a “certification” from an external organization HHS can still come in and find a security violation. Third party audits and “certifications” do not absolve you from your legal obligations under the Security Rule.

It is interesting to note that Texas was the first state in the nation to create a formal Covered Entity Privacy and Security Certification Program. The program was developed as part of Texas’ House Bill (HB) 300. The Texas Health Services Authority (THSA) and the Health Information Trust Alliance (HITRUST) have partnered to implement the Certification Program. They will tell you that the Texas state law protecting patients’ health information is more stringent than HIPAA. So in theory, if you are certified by the THSA, then you are ipso facto HIPAA compliant. Don’t hold me to that because HHS does not endorse or otherwise recognize this claim. But, considering the absence of a federal seal of approval this is a fantastic program and a step in the right direction.

(HIPAA / shutterstock)

TAGGED:HIPAA
Share This Article
Facebook Copy Link Print
Share

Stay Connected

1.5KFollowersLike
4.5KFollowersFollow
2.8KFollowersPin
136KSubscribersSubscribe

Latest News

How Healthy Meal Kits Are Helping Millennials and Gen Z Build Better Eating Habits
Uncategorized
July 9, 2026
Understanding the Connection Between Chronic Pain and Mental Health: A Path to Holistic Healing
Understanding the Connection Between Chronic Pain and Mental Health: A Path to Holistic Healing
Anxiety Mental Health
July 6, 2026
Florida Nurses Face Growing Licensing Risks: Understanding the Investigation Process and How to Protect Your Career
Florida Nurses Face Growing Licensing Risks: Understanding the Investigation Process and How to Protect Your Career
Nursing Policy & Law
July 2, 2026
Most Clinician Wellness Programs Are Built for a Schedule Nurses Don't Have
Most Clinician Wellness Programs Are Built for a Schedule Nurses Don’t Have
Career Nursing
July 2, 2026

You Might also Like

slow healing
FinanceHospital AdministrationPolicy & Law

The Slow Work of Healing

April 24, 2013
primary care revenues
BusinessFinanceHealth ReformHospital AdministrationPolicy & Law

Hospital Revenues from Primary Care: Recruiting Firm Notes “Seismic Shift”

May 22, 2013
proxy data access best practices
eHealthMedical RecordsPolicy & Law

Best Practices for Proxy Data Access

April 19, 2014

Nurse Practitioners & Physician Assistants: A Solution For The Primary Care Dilemma

June 11, 2012
Subscribe
Subscribe to our newsletter to get our newest articles instantly!
Follow US
© 2008-2026 HealthWorks Collective. All Rights Reserved.
  • About
  • Contact
  • Privacy
Welcome Back!

Sign in to your account

Username or Email Address
Password

Lost your password?