Compliancy Group News

Webinar Today: Do I Need to be HIPAA Compliant?

“Covered Entities” are required to comply with the Health Insurance Portability and Accountability Act (HIPAA). Covered entities are healthcare providers, health plans, and healthcare clearinghouses, which must ensure they are fully compliant with the HIPAA Privacy, Security, Omnibus, and Breach Notification Rules.

There is a common misconception that HIPAA only applies to these entities, when compliance is mandatory for virtually all companies and individuals who work in healthcare in any capacity. There have been many fines imposed on organizations and companies that did not believe compliance was necessary or failed to fully grasp what compliance entailed.

Any company or individual that either handles protected health information (PHI) or otherwise comes into contact with PHI is required to comply with the HIPAA Rules, even if they do not fall under the classification of covered entity. That includes any business that provides goods or services to covered entities that requires contact with PHI.

To clear up confusion about whether compliance with the HIPAA Rules is required, Compliancy Group will be hosting a webinar on September 22, 2021 and will explain to whom the HIPAA Rules apply.

If you are in any doubt about whether you or your company need to be compliant with the HIPAA Rules, be sure to attend the upcoming webinar.

Follow the link below to sign up from the webinar to discover if you are currently at risk of a financial penalty for noncompliance and, if so, what you need to do to become HIPAA compliant.

Webinar Details:

Do I Need to be HIPAA Compliant?

Wednesday, September 22, 2021

2:00 p.m. ET / 11 a.m. PT

The post Webinar Today: Do I Need to be HIPAA Compliant? appeared first on HIPAA Journal.

Compliancy Group Confirms Alan Simberg, LLC has Implemented an Effective HIPAA Compliance Program

Compliancy Group has confirmed Alan Simberg, LLC has implemented an effective HIPAA compliance program that meets the regulatory standards of the HIPAA Rules.  

As a licensed Marriage and Family Therapist and Chemical Dependency Counselor, Alan Simberg, LLC falls under the definition of covered entity and is required to comply with the standards of the Health Insurance Portability and Accountability Act (HIPAA).

Implementing a HIPAA compliance program can be a challenge for small healthcare providers, which is why many seek assistance from third-party compliance experts. To ensure no provisions of the HIPAA Rules were overlooked, Alan Simberg partnered with Compliancy Group and used the company’s proven HIPAA compliance methodology to ensure that policies and procedures were fully compliant with HIPAA standards, and all potential risks to the confidentiality, integrity, and availability of protected health information were addressed and reduced to a low and acceptable level.

“Being HIPAA compliant is important to me because it verifies that I follow the highest mental health industry standards to protect my client’s confidential health information. This helps to assure my clients that I have taken every possible precaution to protect their personal information,” said Alan Simberg. “By demonstrating that I adhere to this standard my clients can feel comfortable talking with me about their deeply personal and troubling concerns without having to worry about unauthorized individuals having access to their information.”

After completing Compliancy Group’s six stage implementation program, and tracking progress using Compliancy Group’s proprietary compliance tracking software solution – The Guard, the company’s HIPAA compliance subject matter experts assessed Alan Simberg’s good faith effort toward HIPAA compliance.

After confirming Alan Simberg had implemented an effective HIPAA compliance program and was fully compliant with the regulatory standards of the HIPAA Privacy Rule, HIPAA Security Rule, HIPAA Breach Notification Rule, HIPAA Omnibus Rule, and the HITECH Act, Compliancy Group awarded him the HIPAA Seal of Compliance.

“I believe that having my compliance with HIPAA standards validated is something that potential and current clients will find assuring and comforting,” said Simberg.

The post Compliancy Group Confirms Alan Simberg, LLC has Implemented an Effective HIPAA Compliance Program appeared first on HIPAA Journal.

Curogram Confirmed as HIPAA Compliant by Compliancy Group

The texting and telemedicine platform provider Curogram has demonstrated its commitment to compliance with the Health Insurance Portability and Accountability Act (HIPAA) Rules with Compliancy Group and has been determined to have implemented an effective HIPAA compliance program.

Curogram’s patient-centric healthcare messaging platform helps optimize medical offices’ front desks by automating time-consuming tasks, streamlining processes, improving communication, and creating efficiencies that benefit providers, staff, and patients.

The vendors of text messaging platforms that are used to create, store, or transmit protected health information are considered business associates under HIPAA and are therefore obliged to comply with certain provisions of the HIPAA Rules and must ensure safeguards are implemented to ensure the confidentiality, integrity, and availability of protected health information (PHI).

HIPAA-covered entities that uses these platforms have a responsibility to ensure that any PHI provided to these platform providers or is otherwise made available to them through the use of their platform is protected at all times and must enter into business associate agreements with the platform vendor.

Curogram is committed to HIPAA compliance and recently partnered with Compliancy Group to ensure that the company and its platform are fully compliant with all appropriate aspects of the HIPAA Privacy Rule, Security Rule, Breach Notification Rule, Omnibus Rule, and the HITECH Act.

Curogram adopted Compliancy Group’s HIPAA compliance methodology and tracked its progress using Compliancy Group’s proprietary HIPAA compliance software solution – The Guard. Curogram successfully completed Compliancy Group’s 6-stage HIPAA risk analysis and remediation program and its HIPAA compliance program was assessed by Compliancy Group’s HIPAA subject matter experts.

Compliancy Group has confirmed that Curogram has implemented an effective HIPAA compliance program, is fully compliant with the HIPAA Rules, and is committed to HIPAA compliance moving forward.

Curogram was awarded the HIPAA Seal of Compliance, which demonstrates to current and future clients that the company has implemented an effective HIPAA compliance program and is committed to ensuring the privacy and security of any PHI entered, received, stored, or transmitted through its platform.

“Earning the Compliancy Group’s Seal of Compliance demonstrates our commitment to HIPAA compliance. In addition to providing secure patient communications options including 2-way texting, automated appointment reminders, and telemedicine services, we aim to lead the healthcare industry by example,” said Curogram COO, Michael Hsu.

The post Curogram Confirmed as HIPAA Compliant by Compliancy Group appeared first on HIPAA Journal.

Webinar Today: Do I Need to be HIPAA Compliant?

“Covered Entities” are required to comply with the Health Insurance Portability and Accountability Act (HIPAA). Covered entities are healthcare providers, health plans, and healthcare clearinghouses, which must ensure they are fully compliant with the HIPAA Privacy, Security, Omnibus, and Breach Notification Rules.

There is a common misconception that HIPAA only applies to these entities, when compliance is mandatory for virtually all companies and individuals who work in healthcare in any capacity. There have been many fines imposed on organizations and companies that did not believe compliance was necessary or failed to fully grasp what compliance entailed.

Any company or individual that either handles protected health information (PHI) or otherwise comes into contact with PHI is required to comply with the HIPAA Rules, even if they do not fall under the classification of covered entity. That includes any business that provides goods or services to covered entities that requires contact with PHI.

To clear up confusion about whether compliance with the HIPAA Rules is required, Compliancy Group will be hosting a webinar on August 19, 2021 and will explain to whom the HIPAA Rules apply.

If you are in any doubt about whether you or your company need to be compliant with the HIPAA Rules, be sure to attend the upcoming webinar.

Follow the link below to sign up from the webinar to discover if you are currently at risk of a financial penalty for noncompliance and, if so, what you need to do to become HIPAA compliant.

Webinar Details:

Do I Need to be HIPAA Compliant?

Thursday, August 19, 2021

2:00 p.m. ET / 11 a.m. PT

The post Webinar Today: Do I Need to be HIPAA Compliant? appeared first on HIPAA Journal.

Webinar Today July 8, 2021: All Your HIPAA Questions Answered

In recent years, the Department of Health and Human Services’ Office for Civil Rights has issued guidance on the Health Insurance Portability and Accountability Act (HIPAA) Rules and how they apply in certain situations. Even with this guidance, there is still considerable confusion around HIPAA and how the HIPAA Privacy, Security, and Breach Notification Rules and the Omnibus Rule HIPAA updates apply to covered entities and their business associates.

All HIPAA covered entities and business associates must ensure they are compliant with all appropriate provisions of the HIPAA Rules and there are severe penalties for noncompliance. Over the past few years, OCR has stepped up enforcement and regularly imposes financial penalties on covered entities and business associates that are discovered not to have complied with the provisions of HIPAA.

OCR investigates breaches of protected health information, and they are now being reported at record rates. In 2010, the first full year after OCR started publishing summaries of healthcare data breaches on its website, there were 199 reported healthcare data breaches of 500 or more records. In 2020, there were 642 reported breaches… a rise of 222%. The first half of 2021 has just come to an end and there have already been 327 reported breaches this year. There is now a much greater chance of HIPAA violations being discovered. HIPAA compliance has never been more important.

HIPAA Journal regularly receives questions about HIPAA compliance and how the HIPAA Rules apply in certain situations. To help clear up confusion, HIPAA Journal has partnered with Compliancy Group, a leader in the compliance space that educates healthcare providers and their business associates and helps them become and remain HIPAA compliant.

On Thursday, July 8, 2021, you will have an opportunity to have your questions about HIPAA compliance answered in an interactive webinar.

Webinar Today: Thursday July 8, 2021: All Your HIPAA Questions Answered

| 2:00 p.m. ET | 1:00 p.m. CT | 12:00 p.m. MT |11:00 a.m. PT |

“Our goal is to help eliminate any HIPAA stress or concerns you may have. Get quick responses to your questions and gain confidence in compliance today.”

Use the form below to register for the webinar.

The post Webinar Today July 8, 2021: All Your HIPAA Questions Answered appeared first on HIPAA Journal.

Evo Security Confirmed as Having Implemented an Effective HIPAA Compliancy Program

Austin, TX-based Evo Security, Inc has been confirmed as having implemented an effective HIPAA compliance program and having met all appropriate provisions of the HIPAA Rules.

Evo Security is a Zero-Trust Identity and Access Management SaaS company that helps Managed Service Providers protect themselves and their customers from cyber threats, through a purpose-built Multi-factor Authentication (MFA), Single Sign-on (SSO), and Privileged Access Management (PAM) solution.

All vendors that come into contact with Protected Health Information (PHI) are required to comply with the HIPAA Rules and implement safeguards to ensure the confidentiality, integrity, and availability of PHI. As a provider of security solutions to MSPs, MSSPs, and IT companies with healthcare clients, Evo Security must ensure that its solutions, policies, and procedures are compliant with the HIPAA Rules.

To ensure the company was fully compliant with all requirements of the HIPAA Rules, Evo Security partnered with Compliancy Group and followed its proven HIPAA compliance methodology. Evo Security completed Compliancy Group’s six stage implementation program, tracking its progress using Compliancy Group’s compliance tracking software solution – The Guard.

After following that process and conducting an organization-wide risk analysis and remediating risks, the company was assessed for compliance with the necessary regulatory standards of the HIPAA Privacy Rule, HIPAA Security Rule, HIPAA Breach Notification Rule, HIPAA Omnibus Rule, and the HITECH Act.

Compliancy Group’s HIPAA compliance subject matter experts confirmed that Evo Security was in compliance with the HIPAA Rules, and the company’s good faith effort toward HIPAA compliance was recognized by awarding Evo Security the HIPAA Seal of Compliance.

With HIPAA violation fine enforcement up 400% in recent years and series of high-profile breaches and multi-million-dollar settlements that drew national attention, the importance of HIPAA compliance for both IT service providers and their healthcare IT clients has never been more urgent,” said Evo Security. “HIPAA matters to Evo Security because it follows a strong code of ethics that it believes in and follows.”

The post Evo Security Confirmed as Having Implemented an Effective HIPAA Compliancy Program appeared first on HIPAA Journal.

Free Webinar Today 06/16/21: Social Media and HIPAA Compliance

Social media platforms such as Facebook, Twitter, Snapchat, and Instagram make it easy for healthcare organizations to advertise their services and win new business. Healthcare providers can use social media sites to communicate with patients, provide updates on their services, and engage patients and get them to take a more active role in their healthcare.

While there are many benefits that can come from social media in healthcare, many healthcare organizations rightly see social media networks as minefield of HIPAA violations. This is not only true for the corporate accounts of healthcare providers, but also the personal social media accounts of their employees.

An employee communicating on social media after a particularly difficult day could easily divulge information that could violate patient privacy. There have been many cases of healthcare employees communicating on social media networks, including private Facebook groups, and sharing sensitive information about patients in violation of the HIPAA Rules.

Virtually all healthcare employees have smartphones, and it is common for them to have social media apps on their devices that make it possible to instantly communicate with large numbers of people. It is no surprise that privacy violations on social media networks are now occurring more frequently than ever before.

Social media networks can certainly be used effectively by healthcare organizations, but there are many misunderstandings about how these platforms can be used in a HIPAA compliant manner. It is naturally important to specifically cover the use of social media platforms in training sessions for healthcare employees to make it clear to employees how HIPAA applies to social media networks and what is and is not allowed. Without training for the workforce, HIPAA-covered entities will face a high risk of regulatory fines and lawsuits.

To make it easier for you to train your employees and teach them how they can use social media networks responsibly in their professional and personal lives, HIPAA Journal has teamed up with Compliancy Group for a webinar where attendees will be provided with invaluable advice on social media and HIPAA compliance.

At the webinar you will learn how your practice and employees can use social media networks ethically without violating the HIPAA Rules and patient privacy, as you will discover how you can protect your practice from HIPAA violations.

By the end of the webinar you will have instructions on how to create effective policies covering the use of personal and corporate-owned mobile phones and social media in the office. You will also be provided with real life examples of some of the HIPAA breaches that have occurred as a result of improper social media usage to help ensure similar mistakes are not made by your practice and employees.

Webinar Details:

Social Media & HIPAA Compliance: Simple Ways to Protect Your Business

Date:     Wednesday June 16, 2021

Time:     2:00 pm ET / 11 am PT

The post Free Webinar Today 06/16/21: Social Media and HIPAA Compliance appeared first on HIPAA Journal.

Gain More Patients Confirmed as HIPAA Compliant

The healthcare digital marketing agency Gain More Patients LLC (GainMorePatients.com) has been confirmed as having implemented an effective HIPAA compliance program.

Gain More Patients provides clients with marketing strategies to help improve brand awareness and supports the growth of medical practices by enhancing their web presence by optimizing web outreach, content, client interface, SEO, and social media.

The provision of those services can involve contact with protected health information, so it is vital for the company to ensure policies and procedures are in place to comply with the appropriate provisions of the HIPAA Rules.  To ensure the company was fully compliant with the HIPAA Rules, Gain More Patients partnered with Compliancy Group and used its proprietary HIPAA compliance methodology.

Gain More Patients diligently followed Compliancy Group’s Six Stage Implementation Program to ensure compliance with the appropriate regulatory standards of the HIPAA Privacy Rule, HIPAA Security Rule, HIPAA Breach Notification Rule, HIPAA Omnibus Rule, and the HITECH Act. Throughout that process, progress was tracked using Compliancy Group’s software solution – The Guard.

Once Compliancy Group’s 6-Stage HIPAA risk analysis and remediation process was completed, the good faith effort of Gain More Patients to achieve HIPAA compliance was assessed by Compliancy Group’s HIPAA subject matter experts and the company was awarded the HIPAA Seal of Compliance. The HIPAA Seal of Compliance demonstrates to current and future clients how a company is committed to protecting privacy and ensuring sensitive data remans secure.

“Obtaining HIPAA compliance with the help of the Compliancy Group has given Gain More Patients the opportunity to practice as a business associate with many more companies that are also HIPAA compliant,” said Gain More Patients.

The post Gain More Patients Confirmed as HIPAA Compliant appeared first on HIPAA Journal.

Macadamian Technologies Confirms HIPAA Compliance with Compliancy Group

Compliancy Group has announced that Macadamian Technologies has implemented an effective HIPAA compliance program and has awarded the company the HIPAA Seal of Compliance.

Macadamian Technologies is a Gatineau, QC-based software design and development firm and the developer of digital health and connected medical device software solutions to improve healthcare.

The solutions developed by Macadamian Technologies come into contact with protected health information and, as such, the company is classed as a business associate under HIPAA. That means the company must comply with the requirements of the HIPAA Security Rule and implement safeguards to ensure the confidentiality, integrity, and availability of protected health information.

While compliance with the HIPAA Privacy Rule is not mandatory for business associates of HIPAA-covered entities, as a business associate, Macadamian Technologies must provide satisfactory assurances to all covered entities that use its services and software solutions that the company is fully compliant with all appropriate requirements of the HIPAA Rules.

One of the ways that companies such as Macadamian Technologies can provide those assurances to covered entities is through third-party HIPAA compliance attestation. Macadamian Technologies partnered with Compliancy Group to demonstrate compliance and the company’s ongoing commitment to ensuring the privacy and security of healthcare data.

Macadamian Technologies adopted Compliancy Group’s proven HIPAA compliance methodology and used its compliance tracking software solution – The Guard – in that process. After demonstrating compliance and undergoing Compliancy Group’s 6-stage risk analysis and remediation process, Macadamian Technologies was awarded the HIPAA Seal of Compliance, which demonstrates the company has implemented an effective HIPAA compliance program.

“With full HIPAA compliance, Macadamian is able to accelerate new product introductions for its U.S. based customers,” said Timon LeDain, Macadamian’s VP of Customer Solutions. “In an era of digital transformation, we’re seeing more patient data go online. Being HIPAA compliant means customers have peace of mind knowing that patient-data privacy and security is a key priority for Macadamian.”

One of the software solutions developed for the healthcare sector is the Macadamian HealthConnectTM Platform-as-a-Service. This is used by customers to accelerate the development of digital health solutions that streamline clinician workflows and improve patient care. “Leveraging the Macadamian HealthConnectTM platform in solutions provides customers with the data security, privacy, availability and traceability that HIPAA regulations mandate for electronic Protected Health Information (ePHI) built into their products from day one,” said LeDain. “This is exemplified in the Macadamian QSuite of COVID-19 risk mitigation tools. Although many QSuite customers do not fall under HIPAA’s Privacy Rules, they leverage a suite of tools built on the Macadamian HealthConnectTM platform designed to meet the highest standards of data privacy and security.”

The post Macadamian Technologies Confirms HIPAA Compliance with Compliancy Group appeared first on HIPAA Journal.