Small Insurance Agent Gets HIPAA Compliant with The Compliance CO-OP
Some months ago we were presented with a challenge by a client. He had a network of over 300 small insurance agencies, mostly less than 5 employees, that needed to become HIPAA HITECH compliant. They weren't going to spend a lot of money or time on this project but had already signed BA agreements stating that they were compliant.
We recognized that they shared a common business model so we reasoned that they could share a set of policies, procedures, and forms. With the support and oversight of a human Helper they could get compliant, stay compliant, and prove compliance with our Compliance Meter tm. Each month they have to complete an attestation form that gives them a short quiz and requires the owner to personally attest to their compliance activities for that month. This form is scored and the result shows in their Compliance Metertm. The Compliance Metertm can be posted on their website or deployed to their business partners. For a very reasonable setup fee and a low monthly fee they are able to get compliant, stay compliant, and prove compliance.
"Healthcare reform, diminishing commissions, an uncertain future coupled with continued increased government intervention has made the local insurance brokerage agent consider other career paths. Add the recent HIPAA
HITECH compliance requirements and maybe we find the nearest bridge instead of a new career! While Compliance Helper can't fix the healthcare reform dilemma, they certainly have made my HIPAA HITECH Compliance much easier.
I found Compliance Helper after instituting our encrypted email security, and they have been a godsend. While we had to sign new Business Associate Agreements with all our carriers in 2010, not one has offered any HIPAA HITECH guidance. Compliance Helper is an in your face reality check. While we thought we were doing things right, we didn’t have a systematic process, had no proper HIPAA manuals and certainly didn’t have the mechanism to monitor our progress and stay in compliance.
While Compliance Helper is a great service, it is overwhelming in the beginning. Compliance Helper forces each insurance brokerage firm to implement policies and procedures that most agents never consider let alone act upon. My first month I spent 25 hours (we now recommend spreading this out over three months or two hours per week) poring through the initial setup,updating policy forms, educating employees, getting security and privacy statements signed by each employee, changing hiring practices and making sure PHI was as secured as possible. This process is not easy.
I did find once we finished the first month, the process became easier.Each month you are given a HIPAA To Do List and forced to implement the procedures, create new forms, and educate your employees. It has made ourweekly staff meetings more efficient - we spend time each week on HIPAA compliance- and I think helps us to be better insurance brokers.
While Compliance Helper is not a bullet proof system, I know each month when I get my compliance meter (monthly report card) that I have done all I cando to be HIPAA compliant for that month. At the end of the day, if there is
a breach or the Department of Health and Human Services knocks on your door and asks for to prove you are in compliance with HIPAA/HITECH, I can,without a doubt, prove that I am in compliance.
Jack and Peg Anderson have been fantastic to work with and I highly recommend their CO-OP program for the smaller agency who neither has the time nor resources to hire a HIPAA Compliance employee."
Burman S. Clark, RHU,CSA