HIPAA Compliance

Helping you navigate regulation

 

Is HIPAA Compliance A Mystery To You?

  • Hackers are targeting healthcare. The threat of cyberattacks on healthcare has increased significantly due to the high value of PHI on the black market.
  • HIPAA violations tripled over 10 years. Confirmed HIPAA violations are skyrocketing. Their growth rate over the past 10 years outpaces almost any trend that comes to mind.
  • Stolen laptops continue to result in huge fines. In several instances, a single stolen laptop led to fines in excess of $1,000,000 from HHS.
  • A stolen thumb drive averages $925,000 in HIPAA fines. Since 2012, a single stolen thumb drive has cost an average of $925,000 in HIPAA fines.
  • Stolen office computers can be subject to fines too. Even a computer that never leaves your office can still be subject to a costly fine due to a HIPAA Privacy Act violation.
  • Unpatched and unsupported software can also lead to fines.
Compliance does not equal security. Organizations may think they’re compliant, but data shows that they are not secure.

– 2014 SANS Health Care Cyberthreat Report
81% of healthcare organizations permit personally owned BYOD devices to connect to their networks, but only 21% scan BYOD devices prior to connection to the network.

– Ponemon survey of healthcare organizations
56% of patients whose data was breached lost trust and confidence in their healthcare provider.

– Ponemon 2013 Survey on Medical Identity Theft
Only 43% of healthcare providers have an accurate inventory of employees’ and customers’ personal data.

– Worldwide study by PwC, CIO Magazine & CSO Magazine
91% of healthcare organizations are using cloud-based services.
47% are not confident in the ability to keep data secure in the cloud.

– Ponemon survey of 80 healthcare organizations, December 2012

What Can You Do?

Our company specializes in conducting comprehensive, confidential HIPAA Risk Assessments for health and medical organizations like yours. We use a combination of specialized software, on-site observations and interviews with your staff to uncover a broad range of issues that could result in a data breach and/or a fine if discovered by a random government audit. Resolving some issues may be as simple as training your employees to update passwords. But others could be much more serious and involved, like changing the data back-up and recovery program. Our comprehensive HIPAA Compliance service uses a proprietary Risk Score Matrix algorithm that prioritizes the work that should be done based upon potential impact to your practice. We not only provide you with a full set of HIPAA documentation required under the Security Rule, but also offer the ongoing expert IT services you need to resolve any HIPAA-related IT issue we discover.

Our service leverages the accuracy and efficiency of specialized computer software, combined with the expert know-how of our experienced IT support engineers and staff.

How The Process Works

The first step in performing a valid comprehensive HIPAA assessment is gathering and organizing the vast amount of data that must be collected from a variety of sources. Our software tools provide a central repository to safely and securely collect the information.

Next, we conduct a “Site Interview” to obtain the answers to a series of questions about HIPAA-related IT issues such as ePHI. This step ensures that we collect the same information that a government auditor would be looking for.

Then we conduct an on-site survey to personally observe the environment, take photographs and check on a wide range of security policies. There’s no guesswork here – our service includes a comprehensive checklist of things to look for. We use a series of computer-generated worksheets that are automatically cross-correlated with the data collected by our data collectors to ensure there are no anomalies. We will also run local HIPAA scanners on each PC in your office to collect even more HIPAA-required data. All of the information gathered is then analyzed by our specialists and organized into a set of official HIPAA Compliance reports and documents that we certify and provide to you as part of our service offering.

What Our Clients Say

  • Thank you guys for everything this week! I know it’s been hectic but you guys always pull through with us. Have a great day!!

    Florida Home Realty

  • You guys are the best. After all these years of screwing around with other IT services that made things worse half the time, you guys came along and renewed my faith!

    WD Music Products

  • Very happy with the service, when we call, everything is addressed on a timely basis… Thank you all for your help…

    Southwest Florida Eye Care

  • I have always found the assistance provided to be absolutely fantastic – very professional and friendly.

    Foster and Foster