In today’s competitive environment, companies can gain a sustainable advantage through reviewing the significant number of transactions with outside vendors. One easy and cost effective way for companies to ensure they receive the optimal value for their expenditures is to conduct vendor and construction audits for compliance and cost recovery. Our clients benefit from a variety of cost saving measures including:

• Reimbursement from overcharges
• Improvement in return on investment
• Identification and mitigation of risks in contracts
• Improvement in internal controls and processes
• Standardization and enhancement of contracts
• Enhancement in relationships with key business partners
• Identification and establishment of preferred vendors

The Health Insurance Portability & Accountability Act (HIPPA) requires that healthcare organizations such as healthcare providers, health plans, public health authorities, life insurers, information systems vendors, service organizations, and universities provide improved efficiency in the delivery of healthcare services by standardizing the electronic interchange and protection of health data through standards for healthcare transactions and administrative information systems. HIPAA compliance is based on an organizations level of enforcement of the rules, regulations, and standards established by the Department of Health and Human Services (HHS) including those related to:

• Standardization of electronic patient health, administrative, and financial data
• Unique health identifiers for individuals, employers, health plans, and health care providers
• Security standards protecting the confidentiality and integrity of "individually identifiable health information," past, present, or future

The Health Information Trust Alliance (HITRUST) has released the HITRUST Common Security Framework (CSF) version 4.0 and updates to the CSF Assurance Program. The 2012 CSF includes changes and new guidance pertaining to the National Institute of Standards and Technology's (NIST) 800-53 revision 3 (SP 800-53 r3) and reflects industry recommendations, loss data trend analysis, and input from HITRUST Health Information Exchange and Mobile Device Working Groups.

UHY Advisors has been designated a Common Security Framework (CSF) Assessor by the Health Information Trust Alliance (HITRUST), authorizing the firm to perform the healthcare industry data security assessments most widely recognized by HIPAA, HITECH, states, and healthcare industry participants.

UHY Advisors officially became a Qualified Security Assessor Company (QSAC) in 2009. To achieve that credential, our professionals completed a comprehensive application process, background check and training effort to meet the rigorous requirements of PCI Security Standards Council. The firm offers the following PCI services to meet your compliance requirements and alleviate the demands imposed on merchants and payment card service providers:

• Annual Compliance Validation & Reporting
• Quarterly Vulnerability Assessments
• Penetration Testing
• Program Management for Merchants & Service Providers
• Readiness Assessment
• Remediation Assistance & Evaluation Services
• Scope Reduction Services
• Spot Check Programs
• Strategic Planning