Compliancy Group News

IT Service Provider Choose Networks Achieves HIPAA Compliance with Compliancy Group

Posted by HIPAA Journal

The Wichita, KS-based IT service provider, Choose Networks, has achieved HIPAA compliance with Compliancy Group.

Choose Networks was established in 2001 to provide small to medium sized businesses with enterprise-grade IT support. The company now employs over 35 people and provides IT support services to a wide range of companies, including many in the healthcare industry.

As an IT service provider, Choose Networks requires access to systems containing protected health information. As such, the company is considered a HIPAA business associate and is required to comply with HIPAA Rules.

In order to ensure that all requirements of HIPAA have been met and to demonstrate the company follows the same policies, procedures, and administrative practices as its healthcare clients, Choose Networks partnered with Compliancy Group and completed its 6-Stage HIPAA risk analysis and remediation process.

“Choose Networks delivers an excellent customer experience, and this doesn’t stop with technical guidance and support. It is paramount to do everything it takes to protect our customers,” said Lindsay Smith, Vigilance Coordinator at Choose Networks. “For this reason, we requested assistance from Compliancy Group to audit our business to ensure we understand and are upholding HIPAA compliancy regulations.”

Using Compliancy Group’s proprietary HIPAA methodology and its compliance software, The Guard, Choose Networks demonstrated compliance with all aspects of HIPAA Rules and has been awarded Compliancy Group’s HIPAA Seal of Compliance.

The Seal of Compliance confirms Choose Networks has met its requirements and has implemented an ongoing program to ensure continued compliance with the HIPAA Privacy, Security, Breach Notification Rules and the HITECH Act.

The company is using Compliancy Group’s Seal of Compliance to differentiate its services from the competition and demonstrate to prospective clients that the company is fully committed to HIPAA compliance.

The post IT Service Provider Choose Networks Achieves HIPAA Compliance with Compliancy Group appeared first on HIPAA Journal.

Webinar: Aug 21, 2019: Why Your Organization Needs More Than Just Training If You Want To Be HIPAA Compliant?

Posted by HIPAA Journal

On August 21, 2019. HIPAA Journal Sponsor, Compliancy Group, will be hosting a webinar entitled “Why your organization needs more than just training if you want to be HIPAA compliant?”

If you are a HIPAA covered entity or business associate, compliance with the Health Insurance Portability and Accountability Act is mandatory. All employees must be trained on HIPAA and should understand how the legislation applies to their role in the organization.

With the workforce trained on privacy and security and aware of the allowable uses and disclosures permitted by the HIPAA Privacy Rule, employees will be able to complete their work duties in full compliance with HIPAA and avoid financial penalties.

HIPAA compliance requires an ongoing commitment to achieve the required standards for privacy and security and ensure those standards are maintained.

To find out more about what’s entailed, Compliancy Group is holding a webinar.

During this webinar, Compliancy Group President and CEO Marc Haskelson will explain:

  • How to meet all federal requirements for effective HIPAA training
  • How your organization can avoid breaches and fines
  • What you can you be doing right now to protect your organization
  • How to keep your name off the HHS ‘Wall of Shame’
  • How your patients feel about HIPAA and why this is important for your business.

Tune into this exclusive webinar to learn how you can become HIPAA compliant. You can sign up for this and future webinars on the following link: https://compliancy-group.com/webinar/

Date: Wednesday, August 21, 2019

Start Time: 2:00 pm ET/11:00 am PT

The post Webinar: Aug 21, 2019: Why Your Organization Needs More Than Just Training If You Want To Be HIPAA Compliant? appeared first on HIPAA Journal.

Direct Connect Computer Systems Inc. Recognized as HIPAA Compliant

Posted by HIPAA Journal

The Cleveland, OH-based technology solution provider, Direct Connect Computer Systems, Inc., has demonstrated the company is fully compliant with Health Insurance Portability and Accountability Act (HIPAA) Rules.

Companies that provide technology solutions and services to healthcare clients that require contact with electronic protected health information (ePHI) are classed as ‘business associates’ under HIPAA.

Business associates of HIPAA covered entities must ensure they are fully compliant with the HIPAA Privacy, Security, Omnibus, and Breach Notification Rules, and must ensure the confidentiality, integrity, and availability of ePHI at all times. Business associates face substantial fines if they are discovered not to be compliant with HIPAA Rules.

In order to start providing products and services to healthcare organizations, companies must be able to provide reasonable assurances that they are fully compliant with HIPAA Rules. To help provide those assurances and demonstrate the company’s commitment to privacy and security, Direct Connect Computer Systems, Inc., partnered with Compliancy Group and completed its Six Stage Risk Analysis and remediation process.

Using Compliancy Group’s proprietary software, The Guard, and assisted by Compliancy Group Compliance Coaches, Direct Connect Computer Systems successfully completed the program and was awarded Compliancy Group’s HIPAA Seal of Compliance.

The HIPAA Seal of Compliance recognizes Direct Connect’s good faith efforts to comply with all HIPAA and HITECH Act requirements and confirms the company has met its regulatory obligations as a HIPAA business associate.

The post Direct Connect Computer Systems Inc. Recognized as HIPAA Compliant appeared first on HIPAA Journal.

Compliancy Group Appoints New HIPAA Attorney

Posted by HIPAA Journal

Compliancy Group has announced the appointment of a new, experienced healthcare attorney and legal researcher who has been tasked with helping to simplify the complex requirements of the Health Insurance Portability and Accountability Act (HIPAA) to make them more understandable to the company’s clients and the public at large.

Daniel Lebovic, a graduate of Emory University School of Law, will join Compliancy Group’s Content Management Team. Lebovic has a background in healthcare law and translating complex legal documents into written content that can be easily understood by individuals without a legal background.

Much has changed in healthcare over the last 20 years since HIPAA was enacted. Ensuring continued compliance with HIPAA as work practices change and new technology is introduced can be a major challenge, one that requires a thorough understanding of the nuances of HIPAA.

HIPAA contains a set of standards for healthcare organizations of all sizes, from single doctor practices to the nation’s largest health systems and health insurers but it does not say how those standards should be achieved and in many cases requirements are unclear.

For example, the HIPAA Security Rule requires covered entities to maintain “reasonable and appropriate” administrative, technical, and physical safeguards for protecting e-PHI. Risk must also be reduced to a “reasonable and appropriate” level. Determining what is “reasonable and appropriate” can be difficult. Unfortunately, the consequences of a misjudgment can be severe.

This is where Lebovic’s expertise will be invaluable. Lebovic has been tasked with creating educational content for healthcare organizations that breaks down the complexities of HIPAA and makes it clear what healthcare organizations must do to comply.

“HIPAA regulation was not designed with an eye toward being comprehensive to the average person. With my new role I hope to breakdown what the regulations say into actionable advice to help the healthcare market better understand and adhere to HIPAA,” said Lebovic.

The post Compliancy Group Appoints New HIPAA Attorney appeared first on HIPAA Journal.

Qmetis Inc. Demonstrates HIPAA Compliant Status by Completing Compliancy Group HIPAA Risk Analysis Program

Posted by HIPAA Journal

The NY-based healthcare technology company Qmetis has successfully completed Compliancy Group’s 6-State HIPAA Risk Analysis and remediation process and has been confirmed as being in compliance with Health Insurance Portability and Accountability Act (HIPAA) Rules for HIPAA business associates.

Qmetis develops web-based interactive quality assessment and quality assurance decision-support tools for healthcare professionals. The tools help hospitals and medical centers, and physician’s offices consistently deliver evidence-based care to patients. The tools are used in real-time at a patient’s bedside and support treatment decisions. Healthcare organizations that have adopted the tools have been able to improve outcomes and reduce costs.

The tools developed by Qmetis interact with patient health information, so the company is considered a business associate under HIPAA and is required to comply with HIPAA Rules.

The company had already developed a HIPAA compliance program, but as part of its continuing commitment to compliance, the company partnered with the Compliancy Group and used The Guard software to complete it’s 6-stage Risk Analysis and remediation process.

Assisted by Compliancy Group’s HIPAA compliance coaches, Qmetis was guided through the compliance process by Compliancy Group’s proprietary software – The Guard. The software and the implementation plan have been vetted against the letter of the law and have been confirmed as meeting federal NIST requirements.

Completion of the implementation plan has confirmed that Qmetis is in compliance with HITECH Act requirements and all business associate provisions of the HIPAA Privacy, Security, Omnibus, and Breach Notification Rules.

Successful completion of the implementation plan and the good faith efforts of Qmetis to comply with federal regulations has seen the company issued with Compliancy Group’s HIPAA Seal of Compliance.

The HIPAA Seal of Compliance demonstrates to healthcare organizations that a company is committed to meeting and exceeding federal standards for privacy and security and confirms the company takes its compliance obligations seriously and is committed to protecting the privacy of its clients’ data.

The post Qmetis Inc. Demonstrates HIPAA Compliant Status by Completing Compliancy Group HIPAA Risk Analysis Program appeared first on HIPAA Journal.

Computer Doc Achieves HIPAA Compliance with Compliancy Group

Posted by HIPAA Journal

Compliancy Group has announced that the Indian Trail, NC-based IT firm Computer Doc has completed the initial phase of its HIPAA compliance journey and has demonstrated compliance with the HIPAA Privacy, Security, Breach Notification, Omnibus Rules and the requirements of the HITECH Act.

Since 1997, Computer Doc has been providing IT support and consultancy services to businesses in and around Charlotte, NC. The firm focuses on providing IT support to small to medium sized businesses to help them increase productivity, improve efficiency, and boost profitability through the intelligent use of IT.

In order to reassure healthcare companies that the firm is aware of the requirements of HIPAA and is committed to providing a HIPAA-compliant IT support service, Computer Doc signed up with the Compliancy Group and was guided through the compliance process.

“With HIPAA violation fine enforcement up 400% in recent years and series of high-profile breaches and multi-million dollar settlements that drew national attention, the importance of HIPAA compliance for both IT service providers (BAs) and their healthcare IT clients (CEs) has never been more urgent,” explained Compliancy Group.

Using the Compliancy Group’s proprietary compliance tracking software, The Guard, and assisted by Compliancy Group coaches, Computer Doc completed the 6-stage implementation program and demonstrated compliance with all relevant provisions of HIPAA Rules.

“Achieving compliance with HIPAA has improved our business and opened the doors to many medical practices that we could not help before,” explained Computer Doc.

After demonstrating compliance with HIPAA, Computer Doc is entitled to display Compliancy’ Group’s HIPAA Seal of Compliance. The Seal of Compliance demonstrates to all HIPAA-covered entities that the firm is fully compliant with HIPAA regulations and patient’s ePHI is secure.

The post Computer Doc Achieves HIPAA Compliance with Compliancy Group appeared first on HIPAA Journal.

Selarom Demonstrates Compliance with HIPAA Regulations

Posted by HIPAA Journal

El Monte, CA-based Selarom is a specialist cybersecurity firm that provides services to healthcare organizations to help them secure their sensitive data and comply with HIPAA Rules.

The company now offers a ‘HIPAA Compliance Complete Solution’ and provides a comprehensive security package for both the managerial and technical sides of organizations. Ensuring sensitive information stays private and confidential is the company’s No1 priority.

HIPAA compliance is more important today than ever before. The number of cyberattacks on healthcare organizations has reached unprecedented levels. 500+ record healthcare data breaches now being reported at a rate of more than one a day. If a breach occurs, the HHS’ Office for Civil Rights will investigate and ask for evidence of HIPAA compliance.

Many small healthcare providers struggle to comply with all provisions of the HIPAA Privacy and Security Rules. In the event of a breach or audit, those providers will be at risk of regulatory fines.

Selarom helps companies secure their data and prevent data breaches. The company ensures that in the event of a breach, it will be possible to demonstrate all reasonable and appropriate controls had been implemented in full compliance with HIPAA Rules, thus avoiding regulatory fines.

To help provide a more comprehensive service to its clients, Selarom partnered with the Compliancy Group. Through the use of The Guard, Compliancy Group’s proprietary compliance software, Selarom has demonstrated full compliance with all aspects of HIPAA and HITECH Act regulations and has been awarded Compliancy Group’s HIPAA Seal of Compliance.

Selarom is now providing an all-in-one security and compliance solution incorporating a breach prevention platform, incident response and analysis, security risk assessments, employee training, and audit support.

The post Selarom Demonstrates Compliance with HIPAA Regulations appeared first on HIPAA Journal.

Sublime Computer Services Achieves HIPAA Compliance Program Success

Posted by HIPAA Journal

The Compliancy Group has announced that the Nashville, TN-based IT managed service provider Sublime Computer Services has implemented an effective HIPAA compliance program and has demonstrated compliance with all aspects of HIPAA.

Sublime Computer Services was formed in 2008 and since been providing a range of IT services to small to medium sized businesses in the Nashville area and beyond, including many in the healthcare industry.  The company serves as a third-party IT department for its clients, and as such, its services involve contact with systems containing electronic protected health information (ePHI).

As such, Sublime Computer Services must sign a business associate agreement with healthcare organizations and agree to comply with all requirements of HIPAA when providing its services and support.

Any HIPAA compliance failure can potentially result in a financial penalty for healthcare organizations and their business associates. It is therefore important to ensure that no aspect of HIPAA has been missed.

Sublime Computer Services was already providing services to healthcare clients and was aware of the requirements of HIPAA but wanted to confirm company-wide compliance.

In addition to ensuring the company was doing everything it should to comply with HIPAA, completing the Compliancy Group Implementation Program has helped the firm differentiate its services and better serve the healthcare industry.

“94% of covered entities failed their HIPAA audits; we do not want our clients to be among them,” said Adam Bell, President of Sublime Computer Services.

Completion of the six-stage implementation program confirms Sublime Computer Services is adhering to the requirements of the HIPAA Privacy, Security, Breach Notification and Omnibus Rules, as well as the requirements of the HITECH Act. As such, its good faith efforts to comply with HIPAA have earned the firm the Compliancy Group’s HIPAA Seal of Compliance.

The post Sublime Computer Services Achieves HIPAA Compliance Program Success appeared first on HIPAA Journal.

Compliancy Group Confirms TSP Technology Inc has Achieved HIPAA Compliance

Posted by HIPAA Journal

Portland, OR-based TSP Technology provides a range of technology services to businesses, helping them to realize the benefits of new technologies without having to have the technical knowhow to implement those technologies.

Naturally, in order to provide IT services to healthcare organizations, TSP Technology is likely to come into contact with private health information. As such, the company is considered a business associate and is required to enter into business associate agreements with healthcare organizations before its services can be provided. The business associate agreement confirms that TSP Technology is aware of its responsibilities under HIPAA Rules and agrees to comply with its provisions.

TSP Technology was already providing services to healthcare companies and had signed business associate agreements with several healthcare companies. HIPAA training had been provided to staff, but it only covered the basics. ePHI was protected and key staff were aware of the allowable uses and disclosures of ePHI, but only a select number of employees had received training.

Safeguards were in place to prevent data breaches, but were OCR to conduct a compliance audit, it was possible that HIPAA compliance issues may be discovered.

In order to ensure that all provisions of HIPAA had been satisfied, TSP Technology turned to the Compliancy Group. The company’s coaches helped TSP Technology through a six-stage implementation program to ensure the company was fully compliant with the requirements of the HIPAA Privacy, Security, Omnibus, and Breach Notification Rules, the requirements of the HITECH Act.

Through the use of The Guard software, TSP Technology has demonstrated company-wide compliance with HIPAA with its good faith effort verified by Compliancy Group’s compliance experts.

TSP Technology can now display the Compliancy Group’s HIPAA Seal of Compliance, which demonstrates to prospective clients the company’s commitment to HIPAA compliance.

The post Compliancy Group Confirms TSP Technology Inc has Achieved HIPAA Compliance appeared first on HIPAA Journal.