Recently the role of Compliance has been added to my list of responsibilities. I am in the Healthcare Industry on the service side. I need to perform a GAP analysis to see what areas need to be addressed first. I will also be responsible for getting our organization prepared for an SSAE 16. With that in mind, does anyone have a consultant that focuses on both Compliance and would they consider the SSAE 16 a part of their expertise?
Compliance and SSAE 16
Answers
Yes and yes. I would be happy to offer more detail. Please feel free to reach out directly [email protected]
Since you mention that you are in the healthcare industry and have newly added compliance to your responsibilities, I suggest that you also consider HITRUST CSF as well as the SSAE 16. It is possible that HITRUST certification will fully meet your needs and, if not, that both together would be the best solution for your clients. By the way, AICPA and HITRUST work with each other and have coordinated their processes such that you can assess once and use the same assessment evidence to produce the two different assurance reports. The five founders of HITRUST have mandated that all their vendors obtain HITRUST certification during the next two years.
Filed Under:
FP&A