Company Information

489 Boylston Street Suite 2
Brookline, MA 02445
Tel: 781.454.7406
e-mail: info@vitruvianmedpro.com

Friday, April 5, 2013

HIPAA Compliance and Encryption

As part of being HIPAA compliant, covered entities and business associates are responsible for protecting patient health information (PHI). One way to protect PHI is to encrypt devices that provide access to PHI. You can learn more about encryption and PHI at

http://www.physicianspractice.com/ehr/data-encryption-101-medical-practices?GUID=9533E9BE-E642-4774-9B8C-7106375F772C&rememberme=1&ts=05042013

Monday, April 1, 2013

Final HIPAA/HITECH Omnibus Rule has gone into effect


The OCR (Office of Civil Rights) may be calling you!

Covered entities and business associates must comply with the final Omnibus Rule by Sept. 23rd 2013. The US Department of Health and Human Services (HHS) Omnibus Rule has put in place privacy, security, and enforcement provisions under HIPAA/HITECH.

Are you prepared to be fully HIPAA Compliant?

· Have you had a Risk Assessment done this past year?
· Have you updated your Notice of Privacy Practices and patient authorization forms?
· Have you updated your business associate agreements?
· Do you have a Breach Response Plan and a Contingency Plan in place?
· Do you have a revised HIPAA Policy and Procedures Manual?
· Have you trained your employees on HIPAA Policy and Procedures each year and documented it?

If you answer NO to any of these questions, it is a good bet you will be in line for a HIPAA audit, as you are probably in “Willful Neglect”. Mandatory fines for Willful Neglect start at $50,000; however, in some cases, even for small physician practices, the fines have been $100,000. Based on the level of negligence, fines can be as high as $1,500,000.

Leon Rodriguez, HHS OCR Director, noted in a press release that the Omnibus Rule:

...marks the most sweeping changes to the HIPAA Privacy and Security Rules since they were first implemented. The changes not only greatly enhance a patient’s privacy rights and protections, but also strengthen the ability of my office to vigorously enforce the HIPAA privacy and security protections, regardless of whether the information is being held by a health plan, a health care provider, or one of their business associates.

Vitruvian MedPro is offering an affordable, comprehensive, Turnkey HIPAA Compliance Solution complete with:

· Risk Assessment and Risk Management Plan
· 8 Step DVD training with savable PDF Documents
· 8 Step paper binder used for training
· Complete HIPAA Training Videos based on OCR, CMS and NIST guidelines
· Specific training for the HIPAA Compliance Officer
· FULL telephone and email support for one year

Call 781-454-7406 to schedule your FREE consultation!