“We are HIPAA compliant. Our IT company and attorney does this for us” said the Doctor. With a simple initial review, the office realized how far out of compliance they were. The IT company did keep their computers and network secure, but did not cover the other items that comprise about 2/3 rds of what is needed, nor did they do the HIPAA documentation or Business Associate agreement reviews. The attorney handled a couple of items such as answering questions about HIPAA. The implementation of policies and procedures was left to the office people. Who is the designated compliance officer? Who is responsible for implementation of everything? Who has the extra compliance training necessary? Who is responsible for gathering all of the documents and keeping everything updated? Who checks the Business Associates? If it’s not documented, it’s not done.
Curran Data Technology will do this for you. No more worrying:
- Is this done?
- where is the HIPAA book?
- what has been documented?
- do the documents need to be updated?
- are the business associates compliant?
Easily, simply, and efficiently, Curran Data will do the HEAVY Lifting and remove this burden.
Psychiatrist’s off-site Office
Not a typical medical office. Most clinicians see patients outside of the office. This requires having access to medical records on the go. While the application is secure, many of the other tools are not. Telephones, tablets, voice mail, shredding, notes, and wifi connections are among things that needed to be changed with proper procedures and policies.
Curran Data Technologies came in, did the HEAVY Lifting, developed a Risk Analysis, built a Remediation plan, and successfully implemented the plan. With ongoing monitoring for updates, annual training, continual review and updating of documentation, this office can be assured that when the audit happens, it will be simple, easy, and economical. Questions can now be answered without calling their expensive HIPAA attorney.
A large area of risk for both the facility and patients. It doesn’t matter if a company operates 1 or 100 communities. You have a target on your back for collecting and storing sensitive data such as health records and financial data on your customers.
Patient fraud of records can take place for quite some time before it is found. Ponemon Institute says the long term costs far outway the short term costs such as the notification, forensic investigation, and HIPAA fines. You will feel the after effects in the form of reputational losses, customer churn, and loss of goodwill.
Curran Data Technologies does the HEAVY Lifting and brings structure to the process, allowing for easy monitoring and HIPAA Compliance. Remember Compliance is not the same as Security.