By Jack Anderson
August 26, 2014
Whether you are a covered entity, a business associate, or a sub-contractor of a business associate, you probably don’t have a HIPAA expert on your staff. What is a HIPAA expert? Well, Rebecca Herold, CISSP, CIPP/US, CIPP/IT, CISM, CISA, FLMI, www.theprivacyprofessor.com certainly qualifies. Coupled with her many certifications is many years of hands-on experience in the healthcare industry. How would you engage Rebecca? You could buy telephone time at $250 per hour or you could have her come on-site for thousands per day, including travel.
If these numbers exceed your HIPAA compliance budget there is an alternative, Compliance Helper (CH) and Rebecca Herold & Associates (RHA) formed a joint venture in 2009 to fill this gap. RHA provides the content, such as templates of policies, procedures, and forms (PP&F) along with the expert advice needed. CH provides the technology and methodology to deliver this to the healthcare industry.
Here is how it works. CH has developed HIPAAssure, a SaaS or cloud model for the delivery platform. This platform allows CH to deliver a private and secure website to each user with templates of PP&F that meet the new Omnibus Rule standards which became effective September 23, 2013. This is an important date because if your PP&F were developed prior to this date they are probably out of date.
The next step requires the healthcare organization to edit these templates to fit their organization. This does not mean putting your organization’s name on a set of canned PP&F, printing them, putting them on the shelf and forgetting about them. The methodology developed by CH is task centered, meaning that you get a series of tasks that walk you through the editing process. This process usually generates a number of questions which is where the CH Helper enters the picture.
The Helper has been trained by and is supported by RHA to not only answer your HIPAA questions but also to check your edits to make sure that you still meet the standards. Through the SaaS model the Helper can respond to questions and check your work cost effectively and efficiently.
Once the initial job of setting up Omnibus Rule compliant PP&F has been accomplished, the job is not over. Health and Human Services (HHS) has stated many times that HIPAA compliance is a process, an on-going process that requires documentation of your compliance activities. This documentation is what builds a legal firewall around your organization.
CH delivers a new set of tasks each month through the SaaS model along with any updates of PP&F needed to stay current with the standards. The organization’s scores go down until the tasks are checked off and the PP&F edited and approved.
All of this is reflected through the Compliance Meter® developed by CH. This is the assurance that a manager needs to make sure that their organization is compliant but it can also be used as proof to business partners, clients, and patients that they are compliant on an on-going basis.
The Helper is a person assigned to the account but the SaaS tools and task centered methodology make their job easier and less expensive.
Take a look at www.compliancehelper.com