HIPAA Compliant Managed Services
Are you a Covered Entity? If so, do you know if your IT provider is HIPAA compliant? As of 2013, the Department of Health and Human Services (HHS) issued the final omnibus rule governing patient data protection under the Health Insurance Portability and Accountability Act (HIPAA). Within this, the final rule covers “business associates” as well as healthcare organizations such as physician practices, hospitals and health plans.
As defined by the Health Information Portability and Accountability Act (HIPAA), a business associate is a person or entity that performs certain functions or activities that involve the use or disclosure of protected health information on behalf of, or provides services to, a covered entity. In short, if your organization hires a managed services provider (or any computer technician, for that matter, and there’s a possibility that they may come in contact with patient data, they must be HIPAA compliant as a business associate.
Site Tech Services is a HIPAA compliant managed services provider. We perform regular HIPAA Security Risk Assessments, maintain HIPAA Policies and Procedures and all employees that could potentially be exposed to ePHI receive HIPAA Security Training.
Our IT systems-management software provides an encrypted, secure connection between the remote agent (customer’s systems), management server (cloud-based server) and our technicians.
HIPAA Compliance Consulting
In addition to our HIPAA compliant managed services, we offer a full range of services that assist healthcare practices and agencies meet HIPAA guidelines. Our HIPAA compliance services include the following:
- 18+ Policies and Procedures addressing Administrative, Physical and Technical Safeguards
- Security Management Process
- Assigning a HIPAA Compliance Officer
- Workforce Security
- Security Awareness Training
- Security Incident Procedures
- Contingency Planning
- Workstation Use Policies
- Device and Media Controls
- Device and Media Tracking
- Access Control
- Access to Server and Equipment Rooms
- Audit Control
- Records Transmission Security
- Breach Notification Checklists
- Risk Assessment – Required under the HIPAA Security Rule
- HIPAA Security Training and Compliance Testing
- Use of the HIPAA Compliance Portal for managing everything you need to achieve and remain compliant with the HIPAA Security Rule
- $100,000 financial protection from HIPAA breach and violation expenses
Contact us today to find out just how affordable a comprehensive HIPAA compliance program can be!