SecurityMetrics Helps Covered Entities Evaluate Business Associate Risk for Confident HIPAA Compliance

Program helps healthcare entities extend commitment to patient data security

Oct 23, 2013, 07:26 ET from SecurityMetrics

SALT LAKE CITY, Oct. 23, 2013 /PRNewswire/ -- To address the legal and ethical HIPAA responsibility now assumed by business associate (BA) employers, data security and compliance leader SecurityMetrics created a program that painlessly guides large covered entities through BA HIPAA compliance management.


SecurityMetrics' HIPAA BA Program helps healthcare providers, hospitals, compliance officers, health plans, and clearinghouses customize plans to meet U.S. Department of Health and Human Services' (HHS) new requirements to obtain satisfactory assurances of correctly handled protected health information (PHI) by business associates. As well as guiding business associates through HIPAA compliance, the program provides simple attestation tools that allow compliance officers to track and view BA HIPAA compliance status.

"According to an analysis of HHS data, 57% of patient records breached involve business associates," said Brad Caldwell, CEO of SecurityMetrics. "By discovering BA vulnerabilities through a mass compliance program, organizations can confidently mitigate organizational risk and meet HIPAA compliance requirements."

After SecurityMetrics compliance consultants gather data from BAs through a prioritized scoping survey, each BA is categorized into a prioritized risk level. Through program customization, each business associate engages in appropriate education, a guided risk analysis, a prioritized risk management plan, ongoing support, and HIPAA compliance implementation to help them make timely and continuous improvements to PHI security.

To learn more about SecurityMetrics' BA HIPAA compliance program, contact 801.995.6860 or email

About SecurityMetrics
SecurityMetrics is a global leader in data security that enables businesses of all sizes to comply with government, healthcare, and financial mandates. Since its founding date, the company has helped over 1 million organizations worldwide protect their network infrastructure and data communications from compromise. Among other services, SecurityMetrics offers HIPAA compliance services, penetration testing, security consulting, mobile device vulnerability scanning, payment data discovery, and incident response. Founded in October 2000, SecurityMetrics is a privately held corporation headquartered in Orem, Utah. For more information visit

SOURCE SecurityMetrics