“We are HIPAA compliant, our IT company and attorney does this for us” is often heard from Doctor’s. With a simple initial review, the office realized how far out of compliance they were. The IT company works on keeping their computers and network secure, but did often doesn’t cover many of the other items for HIPAA or compliance such as HIPAA documentation or Business Associate agreement reviews, training and audits. Who is the designated compliance officer? Who is responsible for implementation of everything? Who has the necessary extra compliance training? Who is responsible for gathering all of the documents and keeping everything updated? Who verifies that the Business Associates have done their compliance analysis? Remember the government motto: If it’s not documented, it’s not done.
Curran Data Technology will do this for you. No more worrying:
- Is this complete?
- When do we need to review?
- Where is the HIPAA book?
- What has been documented?
- Do the documents need to be updated?
- Are the business associates compliant?
Easily, simply, and efficiently, CurranData360 will do the HEAVY Lifting and remove these burdens.
Psychiatrist’s off-site Office
Might not be a typical medical office. Clinicians may see patients outside of the office. This requires having access to medical records on the go. While the application may be secure, many of the other tools and processes are not. Telephones, tablets, voice mail, shredding, notes, and wifi connections are among things that needed to be changed or reviewed for proper procedures and policies.
Curran Data Technologies comes in to do the HEAVY Lifting, develope a Risk Analysis, built a Remediation plan, and successfully implement the plan. With ongoing monitoring for updates, annual training, continual review and updating of documentation, this office can be assured that when the audit happens, it will be simple, easy, and economical. Questions can now be answered without calling their expensive HIPAA attorney.
A large area of risk for both the facility and patients. It doesn’t matter if a company operates 1 or 100 communities. You have a target on your back for collecting and storing sensitive data such as health records and financial data on your customers.
Patient fraud of records can take place for quite some time before found. Ponemon Institute says the long term costs such as the notification, forensic investigation, and HIPAA fines, far outway the short term costs. You will feel the after effects of a breach or hack in the form of reputational losses, customer churn, and loss of goodwill.
CurranData360 does the HEAVY Lifting and brings structure to the process, allowing for easy monitoring and HIPAA Compliance. Remember Compliance is not the same as Security.