top of page

The TFS Security Risk Assessment 

Methodology forms the foundation for an

interactive approach to our

HIPAA Security Risk Assessment.  TFS'

assessment is based directly on the  HIPAA Security

Rule, where we use the HIPAA Security Series as well as the NIST standards (National Institute of Standards and Technology) to work with your team to perform a detailed gap analysis of the 54 HIPAA Security Rule mandates.  Our assessment is a combination of both onsite meetings and remote work, where our focus is to complete your assessment with the least amount of travel expense and minimal disruption to your team’s busy schedule.  The end result is best summed up by one of our clients:

 “TFS took nondescript regulations and applied a prescriptive framework with an easy to manage and measure gap analysis. Their comprehensive assessments and progress reports provides a rare level of clarity in a very complex environment. That’s not something I’ve experienced with any other vendor in this space during my career (30 years). Well done”. 

TFS strives to do more and constantly improve our coverage and process.  TFS recently launched Security Alerts as a free service to add more value to our clients overall security management program.  These alerts help our clients stay in current on critical security happenings without being buried in all the literature being released on a daily basis.  These Security Alerts also help satisfy HIPAA Security Rule Administrative Safeguards (Mandate 39 -  §164.308(a)(5)(ii)(A) "communicate

periodic security reminders to communicate about new or important issues".  This is just one more way that we live up to the saying, Over delivered.  Not overpriced.™

HIPAA Security

Risk Assessment

We put IT in HIPAA SecurITy!™

We collaborate with our clients, forming relationships, in order to be a resource when they need us.

TFS goes beyond the initial assessment in order to show continuous  improvement to the organization’s security program, TFS not only performs an initial HIPAA Risk Assessment at the client’s organization but follows up with a mid-year review to document progress and improvements to the security program.  In an effort to provide our clients with the most accurate and detailed HIPAA risk analysis possible, TFS constantly re-evaluates its auditing processes and scoring criteria to reflect the latest research in the area of HIPAA Security.

TFS is proud of the partnerships we build with our clients. We collaborate with our clients, forming relationships, in order to be a resource when clients have questions or when they just want to “bounce an idea off” of an expert in the security field.

TFS analyzes the HITECH statistics of our client base and provides the results of the analysis to our clients in order to help them see how they compare to other organizations in meeting the security mandates.


TFS compares similar organizations (e.g. small, medium and large facilities and health systems), analyzing each mandate to understand areas that clients are doing well as well as areas that clients need improvement.

bottom of page