GDPR & HIPAA Privacy Impact Assessments

Do you have confidence that your privacy program complies with applicable regulatory requirements?
How confident are you in your response to an OCR audit request or to an actual breach?

All of our HIPAA Privacy reviews assess against the HIPAA Privacy Rule, OCR Audit Protocol, HITRUST privacy controls, NIST 800-53 privacy controls, and applicable state laws. Our pragmatic approach is based on what is considered “reasonable practice” required to satisfy privacy compliance requirements in a practical and cost-effective manner.

Are you unsure of what the requirements are to comply with GDPR?

Meditology’s privacy impact assessment, based on GDPR requirements, identifies the controls (existing or planned) to comply with GDPR legal requirements and the impact of a data breach attributable to the deficiency or absence of a required control.


  • Ranked #1 Best in KLAS for Cybersecurity Advisory Services in 2019 and 2020
  • HIPAA expert witness firm for OCR
  • Experienced CISOs and Privacy Officers
  • Dedicated to healthcare
  • Hundreds of clients coast to coast
  • Advisors to ONC / HHS