With the passing of the HITECH Act in 2009 compliance with the final HIPAA Omnibus Rule is mandated for covered entities and most importantly their third-party vendors or business associates. Failure to comply can lead to severe legal difficulties for healthcare organizations and their business associates. Therefore, it is vital that these organizations address security and privacy control effectiveness and have a process for continually monitoring and improving their overall security posture. Blue Lance can help manage this process and provide customers with the confidence that compliance measures are implemented effectively.

Contact Us for More Information


  • Create an overview of your HIPAA risk profile.
  • Evaluate the Patient Data Inventory.
  • Review of current policies, processes, and procedures related to HIPAA compliance.
  • Conduct an assessment of your current performance in line with HIPAA.
  • Make recommendations for improvement of the healthcare control environment.
  • Assess current HIPAA compliance training.
  • Assess by line functions and internal audit your current level of HIPAA compliance monitoring.


  • Your review procedures will closely resemble those used by the audit community and most federal agencies.
  • We will create a report that assesses your HIPAA program based on your unique organizational needs.
  • Our HIPAA compliance professionals work with your team to find solutions to compliance problems.
  • Your employees can focus on serving the needs of your customers/members while we take care of your compliance.


  • HIPAA Compliance Readiness Report.