HIPAA (Health Insurance Portability and Accountability Act) is a federal law regulating the US healthcare system. Its primary purpose is to protect the privacy and security of our health/medical information (PHI: Protected Health Information) and to give individuals certain inherent rights over that information.
The HIPAA regulations consist of two separate and distinct regulations:
HIPAA Privacy, which involves protections from a people standpoint (employee training, policies and procedures, contracts, etc.), and
HIPAA Security, which involves protections for electronic data (federal information technology standards for healthcare).
Any organization or person who works in or with the healthcare industry, or who has access to PHI (Protected Health Information), falls under the HIPAA umbrella. This includes physicians, medical staff, hospitals, medical practices, medical students, pharmacies, durable medical equipment suppliers, answering services, collection agencies, marketing services, printers, IT and managed services, and software companies.
HOW ABADATA CAN HELP AND WHAT IS INVOLVED IN BECOMING HIPAA SECURITY COMPLIANT?
HIPAA Security Officer
An individual must be designated to take responsibility for and oversee HIPAA Security compliance at the organization.
Those employees who will be implementing HIPAA Security (such as the compliance officer and IT staff) will have to take an additional detailed course on HIPAA Security.
HIPAA Security Risk Assessment
Compare your organization’s information technology standards against the federal IT standards in HIPAA Security. Identify and fix any deficiencies.
Documents and Controls
Formal documents, controls, policies and procedures to protect electronic Protected Health Information in the organization and to document the standards your organization follows.
Do you have questions?
We can help
HIPAA security and what we do
HIPAA Security requires many layers of network security that most small offices feel are out of reach. What we do as an MSP is provide the same level of security at a price that’s scalable for any size office.
Quarterly business reviews for HIPAA compliance.
Full reports on compliant and non-compliant attributes of the network. Logs, policies, procedures and documentation are included as part of our Security Network Assessment, plus much more.