HIPAA Blog Posts: HIPAA Compliance Online Software

First SaaS Solution for HIPAA HITECH Compliance: Compliance Helper

Compliance Helper developed their HIPAA HITECH solution on a SaaS platform in 2009 in partnership with Rebecca Herold & Associates, and delivered it to their first client on March 5, 2010.

HIPAA HITECH Breach Concerns Rise For Healthcare Firms: Judy Greenwald, Business Insurance

Lynn Sessions, counsel at law firm Baker & Hostetler L.L.P. and a former risk manager at Texas Children's Hospital, both in Houston, said HITECH's requirements make it easy to violate HIPAA. “We tell our clients it is not a matter of if” there will be a HIPAA violation, but of when; and in many situations, it is a matter of very small breaches.


HIPAA HITECH Documentation and Metrics

Documentation is a critical part of HIPAA HITECH compliance, starting with documented policies and procedures. If you didn't document it, you can't measure it, and if you can't measure it, you can't prove it. In 2012, if you can't prove that you are HIPAA HITECH compliant, it is going to be very difficult to work in the healthcare sector.

Over Half of Patient Data Records Breached Caused by Third Parties (BAs and Subs)

Bryan Cline, a vice president with the Health Information Trust Alliance, a nonprofit company that establishes privacy guidelines for health providers, said nearly 20 percent of breaches involved outside contractors, accounting for more than half of all the records exposed.

Dr. Cline said health care providers depend unjustifiably on legal contracts with vendors to protect medical records. “That just doesn’t work, as we can see,” he said. “You have to do due diligence, something to assure yourself that the people you’re giving your data to can be trusted.”


HIPAA HITECH Compliance Metrics: Critical Tools

A recent webinar by ID Experts, Rebecca Herold & Associates, and Compliance Helper made a strong case for metrics in HIPAA HITECH compliance. If you can't measure it, you can't prove it, and soon, if you can't prove it, you can't do business in healthcare.

The HIPAA HITECH Compliance Cycle: Risk Assessment, Remediation, Training

Three leading HIPAA HITECH compliance companies, ACR2 Solutions, Compliance Helper, and Rebecca Herold & Associates, have linked their SaaS solutions to provide risk assessment, remediation, and training. The SaaS model allows them to deliver these services cost-effectively and efficiently.

Business Associates Need Proof of HIPAA HITECH Compliance

Covered entities (CEs) are asking business associates (BAs) to provide proof that they are HIPAA HITECH compliant. The Compliance Meter(tm) is the best proof.

BA Tracker(tm) Keeps BAs HIPAA HITECH Compliant

Compliance Helper is pleased to announce a new service called BA Tracker(tm) that helps a CE track the current compliance level of all of its BAs and display it through the Compliance Meter(tm). This is a free service to the CE. If the BAs are not compliant, Compliance Helper can help them set up a comprehensive privacy and information security program, including customized policies, procedures, and forms. They are supported by a privacy and security expert we call a Helper.

Business Associate Management Tips: HIPAA HITECH Compliance

Business Associate Management Tips: Key Steps Can Help Prevent Breaches, June 16, 2011 - Howard Anderson, Executive Editor, HealthcareInfoSecurity.com

Working with business associates to prevent health information breaches requires far more than writing detailed contract terms on privacy and security, says regulatory expert Christopher Hourihan.

HIPAA HITECH Compliance: No Substitute for Experience

Companies offering HIPAA HITECH compliance are popping up like mushrooms, and just like mushrooms, some of them are dangerous. Some of them seem to think that compliance is strictly an IT issue, some think that downloading policies and procedures will provide "evidence" of compliance, and some are folks from the financial sector with no healthcare experience at all. Caveat emptor!
