Skip to the main content.


Managed IT Services

Responsive and innovative managed IT services to support your business and drive growth.

Learn More


IT Services

Responsive technical services to support your business and drive growth.

Professional Services

Leverage our team's deep experience to drive key business outcomes and transform your business.


Supercharge your productivity and drive collaboration for employees, clients, and vendors.


High performance cloud and network solutions to accelerate your business.



Join our team for our insightful
online and in-person events.

Resource Library

Dive into our growing content library and learn how we partner with clients to achieve success.


Learn how we partner with clients in key verticals to solve challenges and drive growth.

Quest logo

Request support, track orders, and access self-help on our advanced online platform.

Client Portal


Chat with a Solutions Specialist to learn about our IT services and solutions.

Get Started

When Was Your Last HIPAA Risk Assessment?

When Was Your Last HIPAA Risk Assessment?

Cybersecurity is often overlooked, especially among smaller healthcare practices that assume they can fly under the compliance radar. Additionally, some practices lack resources to invest in robust compliance and security solutions, or have a small staff focused on other priorities. However, not being compliant can pose significant risks including data breaches and costly HIPAA non-compliance fines.

The Sourcepass team understands how complicated HIPAA compliance can seem to healthcare practices focused on treating patients. Sourcepass can conduct a HIPAA compliance assessment and create a plan to address any identified non-compliance risks.

You Can’t Afford to Cut Corners on HIPAA Compliance

Non-compliance with HIPAA regulations may lead to significant consequences, both financially and legally. Fines for violations range from $100 to $50,000 per violation, with a maximum penalty of $1.5 million for repeat offenses. Serious violations can even lead to criminal charges, potentially resulting in jail time.

One such violation occurred a few years ago with Premera Blue Cross resulting in a $6,850,000 penalty for a data breach that compromised the protected health information of 10,466,692 individuals. Furthermore, the practice resolved a multi-state action by paying $10 million and successfully settled a class-action lawsuit filed by the breach victims for $74 million.

When Was the Last Time You Checked Your HIPAA Compliance?

To maintain ongoing HIPAA compliance, it is necessary to regularly review and update your policies and procedures in response to regulatory changes and internal developments. While you can undertake this process independently, engaging with an expert third-party can help you focus on healthcare priorities.

The assessment should include:

  • Comprehensive evaluation of all risks associated with Protected Health Information (PHI), considering its privacy, availability, and integrity. Thorough documentation of data storage, reception, maintenance, and transmission locations is essential.
  • Identification and documentation of potential threats, including their probability of occurrence and potential impact. Utilizing this information, a theoretical risk level can be determined.
  • Assessment of your cybersecurity measures to ensure they align with or exceed HIPAA standards.
  • Documentation of all assessment information and the formulation of an Action Plan to address any identified noncompliance issues and mitigate risks.

By following these assessment recommendations and engaging in a systematic assessment process, you can proactively manage HIPAA compliance and safeguard sensitive patient data.

Sourcepass can help. For more information on how Sourcepass can help with HIPAA compliance, contact Germany Caushi, Cyber Risk Advisor at (877) 678-8080.