HIPAA COMPLIANCE & SECURITY ASSESSMENT
OCR referred 656 complaints to the Department of Justice (DoJ) for possible criminal prosecution, suggesting the agency made 13 referrals in October compared to 4 in August. This appears to be the most referrals OCR has made to DoJ since enforcement in the last 10 years.
OCR is investigating at least 390 breaches affecting 17,239,844 patients as of Nov. 17, 2017.
OCR received 167,321 complaints as of Oct. 31, indicating that it received 2,146 patient complaints in October compared to 2,350 in August, according to an analysis by HIP/SA.
The FBI recently stated that healthcare data is a high-value target for cyber criminals and pushed for a collaborative approach to cyber security.
HIPAA Compliance is a continually evolving standard that takes continuous effort to maintain. As more dangers and regulations arise, so must vigilance. We take the burden off your shoulders.
Risk Analysis Requirements under the Security Rule
The Security Management Process standard in the Security Rule requires organizations to “implement policies and procedures to prevent, detect, contain, and correct security violations.” (45 C.F.R. § 164.308(a)(1).) Risk analysis is one of four required implementation specifications that provide instructions to implement the Security Management Process standard. Section 164.308(a)(1)(ii)(A) states:
RISK ANALYSIS (Required).
Conduct an accurate and thorough assessment of the potential risks and vulnerabilities to the confidentiality, integrity, and availability of electronic protected health information held by the [organization].
When was the last time your office conducted an assessment of your security? Have you implemented policies and procedures to prevent, detect, contain, and correct security violations? In order to detect and prevent violations, proactive monitoring is a must.
We can assess your office and create a Binder outlining all of your information for a quick reference. By monitoring and managing your network we WILL be able to detect and contain violations inexpensively with ease.
Security Awareness and Training
(§ 164.308(a)(5)(i))
We proposed, under the requirement “Training,” that security training be required for all staff, including management. Training would include awareness training for all personnel, periodic security reminders, user education concerning virus protection, user education in the importance of monitoring login success/failure, and how to report discrepancies, and user education in password management.
When was the last time your staff was trained on current threats and vulnerabilities? We stay current to keep your staff educated and compliant.
We understand that, as the responsible person for your organization, HIPAA compliance is not your only responsibility. Your normal daily duties consume the majority of your day. Don’t allow compliance to be a burden. Allow us to be your guardian that protects and maintains your organization.
I have known Jason Green since 2005 and have relied on him since 2007 for my IT needs. Being a very busy psychiatric practice of eleven clinicians and over eighteen support staff, we have many different IT needs. He is just a phone call or email away, answers promptly and takes care of everything from installation of software to developing and maintaining my website and email accounts.
Jason is very knowledgeable and intuitive to our needs as a medical practice. He is extremely professional and I would highly recommend him to anyone in need of IT services.
Jason and the staff at Com Guardians are the best! We recently purchased a new medical system and Com Guardians were there for us at each new installation. Jason made sure someone was onsite at each of our go lives from practice management, electronic health records, even to our scanning and faxing issues. Jason has always come to our office in a very timely manner or he will send someone just as professional to take care of our computer needs. I would recommend Com Guardians for any computer needs.
Com Guardians: Better than those Box Stores, used both and you get personal service and honest answers.