Everyone is HIPAA Compliant! Can YOU Prove It?
March 26th, 2013
End of Grace Period
September 23rd, 2013
I have worked with the team at Kardon Technology since early 2012 as they developed their Small Provider and Business Associate offering using our ComplyAssistant application as a component. Their understanding of HIPAA compliance requirements in Small Provider offices is exceptional. I definitely recommend their skills as HIPAA Compliance consultants. They offer a level of experience and understanding of HIPAA that positions them as a “go to” team for Small Providers and Business Associates needing compliance assistance.
Gerry Blass, President and CEO of
Gerry has worked in healthcare IT for over 35 years for HIS (health information systems) companies, hospitals and his privately held companies. Gerry formed Blass Consulting, LLC in 2001 to provide healthcare IT and compliance professional consulting services; and Blass Compliance LLC in 2009 to provide ComplyAssistant, a web-based compliance management tool. He is also a co-founder and moderator of the HIPAA 411 discussion group on LinkedIn with over 3,000 members.
Gerry is a member of HIMSS, HCCA, SCCE and HFMA, including NJ HFMA and their CARES (healthcare compliance) forum.
HIPAA Compliance Services
Meaningful Use, EMR, Practice Portal, PCI, 5010, ANSI and… Oh, yeah, then there’s managing current staff, training new staff, handling patient records, submitting claims and… supporting your providers. Understanding that you have neither the time nor the resources to research, understand, implement and manage a policy and procedure plan that complies with the recent Omnibus Final Rule enhancements, Kardon Technology has a variety of tools to assist you.
Is It Worth the Gamble?
What is HIPAA/HITECH, and why should you care? Most in the medical industry are familiar with the Health Insurance Portability and Accountability Act (HIPAA), or they should be. It’s been around since 1996, and included implementation efforts from then through July 1, 2005. The privacy rule defines when and how private information can be used and accessed. Part of the American Recovery and Reinvestment Act (ARRA), the Health Information Technology for Economic and Clinical Health Act (HITECH) was introduced in 2009. HITECH deals with implementation of Electronic Health Records (EHR), and it added new Breach Notification Regulations and compliance requirements for Business Associates. The provisions offer incentives to get providers to implement technology and fully utilize it in their practice. In January (2013), the Omnibus Final Rule was published… and there were changes. Or shall we call them ‘updates’?
Where Do I Start?
Compliance Consult with ComplyAssistant
You’ve worked so hard to put everything in place. Before you submit your bid for funds, you must perform a HIPAA Compliance Assessment and have a detailed plan for remediation in place. The majority of small private practices have been focused on addressing the EHR implementations and qualifying under Meaningful Use rules for incentive payments. They haven’t had time to focus on the HIPAA changes, detailed in the Kardon Technology HIPAA White Paper. According to the HIPAA Security Rule, every Covered Entity must have a Security Risk Assessment done regularly and documented, covering all the rule provisions and how they are being addressed in your organization. The 2012 Random Audit Protocol revealed this is not being done correctly. Plus…
Carrying this disk home each day isn’t safe?
Kardon Backup Powered by Intronis
There’s backup, and then there’s HIPAA Compliant backup. Kardon Technology offers both. Patient privacy has become a major topic of concern over the past several years. With the majority of patient information being transferred over to digital format to improve the convenience, efficiency and cost of storing data, organizations expose themselves to certain risks. The Security Rule requires health care providers to put in place certain administrative, physical and technical safeguards for electronic patient data. Organizations must adhere to the Security Rule’s standards and specifications for backing up and safekeeping electronic data. Among other things, Covered Entities will be required to have a Data Backup Plan, a Disaster Recovery Plan, and an Emergency Mode Operation Plan.