Healthcare (HIPAA) Compliance
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) requires that access to Protected Health Information (PHI) shall be managed to guard the integrity, confidentiality, and availability of electronic PHI (ePHI) data. The Health Information Technology for Economic and Clinical Health Act (HITECH) further bolstered HIPAA as it required that Business Associates also adhere to those requirements that previously applied only to Covered Entities. Lastly, Meaningful Use Core Objective 14 (Eligible Hospitals) and Core Objective 15 (Eligible Professionals) require organizations to conduct a security risk analysis in accordance with the requirements found in the HIPAA Security Rule.
Contextual Security offers a suite of services to assist healthcare organizations (Hospitals, Physician Groups, and Service Providers) in complying with those security requirements found in HIPAA, HITECH and Meaningful Use. Please contact us today for more information.
Contextual Security can assist your organization in understanding and ultimately complying with the HIPAA and HITECH security requirements. Our team of experienced healthcare consultants will review your documented HIPAA policies and procedures, interview key members with healthcare data security responsibilities and conduct technical inspections of those systems that store, process and/or transmit healthcare data to ensure that all three are in line with the controls found within the HIPAA Audit Protocol as well as security best practice. This comprehensive approach allows our clients to have confidence in the accuracy of our findings because they rely on tangible data gathered through our three-pronged approached (document reviews, interviews and system inspections), and not just the results from an employee survey or a review of the organizations information security policy.
In addition our clients are given 24/7 visibility into the progress of audit through our illumino platform. illumino gives organizations the ability to quickly identify the status (Compliant, Not Compliant, Remediating, etc.) of each control within the HIPAA Audit Protocol, including the information that was relied upon by the assessor to make the status determination. By making this information available 24/7, there are no surprises!
We want to be your trusted security (and compliance) partner and the only way to do that is to get to know your organizations goals and objectives, and stay involved in throughout the year.
Solid Security Begins With Knowing. Excels by Doing.