Avoid HIPAA Infractions

Is your organization HIPAA-compliant? CompCiti can help ensure you're meeting all HIPAA requirements.

HIPAA (Health Insurance Portability and Accountability Act of 1996), in its simplest form, is a set of rules for any person or company that handles electronic protected health information (ePHI).

However, HIPAA is far from simple! If you feel overwhelmed and confused, you’re not alone. Many clinics, private practices, and other businesses do not fully understand what they need to do to be compliant.

Unfortunately, the costs of not understanding HIPAA can be incredibly high, in the form of fines, fixing breaches, and lost patients.

According to the U.S. Department of Health and Human Services (HHS), Office for Civil Rights: “All providers who are ‘covered entities’ under HIPAA are required to perform a risk analysis.” Covered entities defined in the HIPAA rules include healthcare providers who “electronically transmit any health information in connection with transactions for which HHS has adopted standards.”

The Good News about HIPAA Compliance

The good news about HIPAA compliance is that there are some specific steps you can take right now to help protect your patients’ ePHI – and protect yourself legally:

  • Perform a thorough HIPAA Risk Assessment
  • Write a set of HIPAA security policies and procedures
  • Train employees on HIPAA security
  • Provide security breach response steps and documentation
  • Ensure any business associates handling ePHI in your database are clear on their obligations

CompCiti Business Solutions, Inc. can help. We’ve partnered with one of the top HIPAA security companies, HIPAA Secure Now!, to perform full HIPAA Risk Assessments and to help with training and procedures. You’ll receive a full report including a checklist of items that need to be addressed (see below for a list of common issues).

You don’t have to wonder anymore if your clinic or office is HIPAA-compliant. Contact CompCiti right now to find out how we can help.

Why is it Important to be HIPAA-Compliant?

For one thing, HIPAA compliance is the law. A quick Internet search will reveal that many companies have been fined $50,000, $100,000, even $1.5 million.

But that’s not all. It’s estimated that the cost of recovering after a security breach is about $233 per medical record (2013 numbers) not including fines. These costs are the direct costs of contacting clients/patients, setting up a help desk and fielding extra phone calls, recovering and securing data, and investigating the data breach, as well as the indirect costs of losing clients due to your damaged reputation.

Besides, you care about your patients. Chances are, you want to do everything you can to ensure their personal information is not lost to hackers, data theft, or inappropriate access by non-authorized people. That’s reason in itself to protect yourself now, before it’s too late.

Not only will HIPAA Secure Now! provide you with a full report of their assessment, but they also offer $100,000 financial protection for annual subscribers to cover any costs associated with audits, fines, and more.

The cost of compliance is very affordable. The cost of non-compliance… not so much!

Common Findings of a HIPAA Risk Assessment

For some small clinics and private practices, the issue isn’t a lack of understanding of HIPAA as much as it is a lack of understanding the technology. Many believe that they have secured patient ePHI, only to find out that there are some serious problems. The most common problems are a:

  • lack of encrypted offsite data backup
  • lack of a disaster recovery plan
  • lack of email encryption
  • lack of laptop encryption
  • lack of mobile encryption (smartphones / tablets / USB drives, etc.)
  • lack of anti-virus protection
  • lack of security patching of servers and desktops
  • lack of security penetration and vulnerability testing
  • lack of security incident response procedures

Okay, I Have a HIPAA-Related Issue. What Now?

This is where CompCiti steps in to help fix your issues. As one of the oldest and most trusted IT professionals in New York, we provide a whole host of services including:

  • Database backup and recovery planning
  • Network security including anti-virus upgrades and updates, 24/7 monitoring, and other measures
  • Full encryption services for your computers, laptops, email, mobile devices, and anywhere else you store or transmit ePHI
  • Ensuring your network and communications are fully HIPAA compliant

Although CompCiti does not handle any ePHI itself, it maintains full HIPAA compliance. Doing so helps the company understand its clients’ needs and ensure that its technology is secure under regularly changing standards.

Contact CompCiti today to ensure that your systems are fully HIPAA compliant.
