Is Your Business a Health Care Provider and Governed by HIPAA Compliance Regulations in Maryland, Virginia, and the Washington DC Metro Areas
Do you know if your practice's I.T. environment is HIPAA compliant? If you don't know the answer to this question or you are concerned that you may not be compliant then MicroServe can help.
Call us today to arrange a time to meet in person so we can review your I.T. Environment and discuss your current level of HIPAA compliance.
Have you been reported for a HIPAA violation? Are you being audited by HHS?
There are many warning signs that things are not right and if these warnings are not taken seriously then there may be significant repercussions to your practice.
If you are not actively examining your practice's network for security holes and current HIPAA violations, then you are not HIPAA compliant. (HIPAA Security Rule 164.308(a)(1)(ii)(A&B))
We cannot stress enough how important it is to take HIPAA compliance seriously! HIPAA violations do and WILL occur. When a violation occurs it is your responsibility to ensure you fall under the “reasonable diligence” and not the “willful neglect” category. The difference between these categories is a “slap on the wrist” versus a business crippling fine up to $1.5 million per occurrence.
We truly care about our clients and the success of their business; if our clients succeed, we succeed!
Engage with MicroServe to audit your HIPAA compliance before HHS does.
MicroServe will perform a detailed I.T. Audit to discover all the HIPAA issues on your network and rank them in the order of importance for resolution. Our extensive I.T. Audit is based on HHS Office of Civil Rights HIPAA Audit Program Protocol. While your practice may not have blatant HIPAA violations in your I.T. Infrastructure we can make sure you are doing the necessary due diligence to ensure your HIPAA compliance. For more information on HIPAA audits you can visit the HHS website.
Does your Reputation matter?
But possibly the most important aspect of making sure your practice is HIPAA compliant is your reputation. Putting all reasonable HIPAA safeguards in place protects your ePHI minimizing the chances of breaches and data loss. Adequate safeguards will minimize the chances you will have to report a breech to your patients, HHS, and in some cases to local TV and radio stations as required by the federal HITech Act.
Call today to setup a meeting.
Give MicroServe a call at (866) 382-8009 so we can schedule an in person meeting to discuss your HIPAA Compliance posture and make sure that everything is being done to ensure your HIPAA compliance.
In the meeting we will discuss things at a business level rather than just a technical level. From the meeting we may recommend actions that in turn may lead to some projects. MicroServe would be doing things regarding HIPAA compliance at the technical safeguards level but there are some actions you will need to do at the business level.
Following are some examples of what we will discuss in the meeting:
1). Regular Periodic Audits (Quarterly or Semi-Annually)
There should be periodic audits performed on a regular basis with the practice's compliance officer. Regardless of what anyone thinks is going on, doing official, 3rd party, documented audits with the business stakeholder is required by HIPAA regulations.
2). HIPAA Compliant
While MicroServe will do everything we can to ensure you are HIPAA compliant, ultimately HHS will say it is the practice's responsibility to be compliant NOT their I.T. consultant.
3). HIPAA Documentation
Full HIPAA compliance goes way beyond the technical safeguards; a large portion of HIPAA compliance is documentation. The majority of that documentation is nothing an I.T. consultant can control or should be writing since it deals with the business's inner workings. This should be written by the compliance officer in conjunction with someone familiar with all aspects of the business and reviewed by I.T. for technical accuracy.