HIPAA/HITECHNavigate the Complex World of Healthcare Privacy and Information Security
WHAT IS HIPAA AND WHY DO I NEED A HIPAA COMPLIANCE AUDIT?
The Health Insurance Portability and Accountability Act (HIPAA) and subsequent Health Information Technology for Economic and Clinical Health (HITECH) set a national standard for the safeguard of consumer’s protected health information (PHI). Certain health care organizations (Covered Entities), and their business associates are required to comply with the HIPAA Security and Privacy Rule requirements along with the Data Breach Notification law. Compliance requires each organization, regardless of size, to implement vigorous information security and privacy controls whose effectiveness must be assured by a licensed CPA firm.
What is a Covered Entity?
Healthcare organizations that meet the definition of a covered entity must comply with HIPAA. Covered entities typically include health plans, health care clearinghouses, and certain health care providers. If a covered entity engages a business associate to help carry out its health care activities and functions, it requires the business associate to comply with HIPAA requirements in order to protect the privacy and security of protected health information (PHI).
What is a Business Associate?
Most health care providers and health plans do not perform all of their health care activities themselves. Instead, they often use the services of 3rd parties or “business associates” to carry out these functions. A “business associate” is an organization that performs certain functions or activities that involve the use or disclosure of protected health information (PHI) on behalf of, or provides services to, a covered entity.
Business associate functions and activities include:
- Claims processing or administration
- Data analysis, processing or administration
- Quality assurance
- Benefit management
- Practice management
HIPAA allows covered providers and health plans to disclose protected health information to these “business associates.” However, they must obtain satisfactory assurances that the business associate will use the information only for the purposes for which it was engaged by the covered entity, will safeguard the information from misuse, and will help the covered entity comply with its duties under the HIPAA Rules.
BENEFITS OF OBTAINING A HIPAA COMPLIANCE AUDIT
- A covered entity or business associate that successfully completes a HIPAA Compliance Audit performed by a licensed CPA firm demonstrates compliance with the required measures to safeguard protected health information (PHI).
- A HIPAA Compliance Audit can differentiate your company and help your customers gain the peace of mind that the protected health information (PHI) you’re safeguarding is secure and in compliance with the HIPAA Rules and HITECH breach notification requirements.
- A HIPAA Compliance Audit performed by a licensed CPA firm can prevent your company from incurring costly penalties for failure to comply with the rules.
HOW CONTROL LOGICS CAN HELP
Our experienced information security and privacy consultants understand the unique regulatory challenges your organization faces and offer a streamlined, common-sense approach for HIPAA compliance. We will determine where your environment currently stands against the Security Rule, develop policies and procedures that align with your regulatory compliance and information security goals, perform a HIPAA Compliance Audit to assess your organization’s controls against the HIPAA rules and provide independent third-party validation that your controls are adequately protecting your protected health information (PHI). We will develop a customized, cost effective path to HIPAA compliance that is appropriate for the size and complexity of your organization.
In addition to a streamlined approach, Control Logics offers:
- Competitive, fixed-fee pricing
- Discounts for multi-year contracts
- Reduced on-site fieldwork by using our secure online client portal
- Director-level support and involvement in each phase of the engagement
To see how we can help your organization, contact us today!
FOR ASSISTANCE WITH HIPAA, PLEASE COMPLETE THE CONTACT FORM BELOW OR SEND US AN EMAIL AND ONE OF OUR SUBJECT MATTER EXPERTS WILL RESPOND TO YOU SHORTLY.