Compliance & Audit

  • DFS regulation 23 NYCRR 500 - In New York State, Governor Andrew M. Cuomo announced the first-in-the-nation cybersecurity regulation to protect New York’s financial services industry and consumers from the ever-growing threat of cyber-attacks.
  • HIPAA-compliant Gap Analysis - To conform to HIPAA’s 3 Safeguards, 22 standards, and 53 implementation specifications.
  • Meaningful Use Risk Analysis – The first item required by HIPAA and a core requirement for Meaningful Use funding.
  • Business Continuity Planning – A HIPAA requirement and the key to your organizational survival.
  • Security Incident Management – Breach remediation, mitigation and management as required by HIPAA.

Consider these examples:

  • A 5-doctor practice was fined $100,000 for sending patient data through unsecured e-mail.
  • A State Health Department paid $1.7 million after it lost a single backup drive.
  • A Teaching Hospital paid $1.5 million for a stolen laptop that contained 3,600 unencrypted patient records.
  • DFS announced that Lincoln Financial Group has paid $50.7 million to beneficiaries of New York policyholders for lost insurance claims.

“All of these situations could have been avoided for a fraction of the cost with proper consultation and remediation. NERO Consulting will help you create a culture of compliance within your practice. We provide all the tools and training to take the steps to create documentation, policies, and monitoring for everyday activities in your office.”