Webinar: Social Media and HIPAA Compliance: Protecting Your Practice in the Digital Age
Sep17

Webinar: Social Media and HIPAA Compliance: Protecting Your Practice in the Digital Age

Social media is a potential minefield for HIPAA violations. One impulsive response to an online review could violate the privacy of a patient, breach HIPAA Rules, and leave and the practice at risk of a significant HIPAA violation penalty. In the digital age, healthcare providers have to deal with a whole new set of privacy concerns. Social media cannot be avoided, so it is important to understand what must be done to protect the business. “Proactively generating reviews and also responding to them effectively, in a timely manner is essential to marketing your practice. However, without proper precaution, health care providers could face serious privacy breaches and even HIPAA violations,” said Liam. In the webinar, Liam will explain how healthcare providers can respond to reviews in a manner that minimizes legal risk, while remaining fully compliant with HIPAA regulations. Register for our upcoming webinar to find out how to manage your online reputation–without risking your practice. Webinar Details: Date:    Tuesday, September 17th Time:    2:00 pm ET/11:00 am PT...

Read More
Compliancy Group Confirms Integration Link LLC is in Compliance with HIPAA and the HITECH Act
Sep17

Compliancy Group Confirms Integration Link LLC is in Compliance with HIPAA and the HITECH Act

Integration Link, LLC, a provider of cybersecurity consultancy services and virtual Chief Information Security Officers to small to large enterprises, has completed Compliancy Group’s 6-Stage HIPAA Risk Analysis and remediation process and has demonstrated full compliance with all provisions of the HIPAA Privacy, Security, Breach Notification, and Omnibus Rules and the HITECH Act. Finding suitable candidates to fill the position of Chief Information Security Officer can be a major challenge for healthcare organizations. There is a nationwide shortage of sufficiently skilled individuals and many positions remain vacant. Some enterprises simply cannot afford to hire a fulltime Chief Information Security Officer. Integration Link addresses the gap by providing virtual Chief Information Security Officers to guide organizations through the process of reducing risks to protected health information and information assets. Naturally, such a service requires staff at Integration Link to be provided with access to systems that contain protected health information, which makes the company a...

Read More
CTI Technology Confirmed as HIPAA Compliant
Aug28

CTI Technology Confirmed as HIPAA Compliant

CTI Technology, an Elgin, IL-based managed IT service provider, has demonstrated compliance with the Health Insurance Portability and Accountability Act (HIPAA) Rules using Compliancy Group’s proprietary HIPAA methodology and compliance tracking solution, The Guard. Any company that provides a product or service to healthcare organizations that requires access to systems containing protected health information (PHI) is classed as a HIPAA business associate. Following the introduction of the HIPAA Omnibus Final Rule, all business associates of HIPAA-covered entities must comply with HIPAA Rules or face stiff financial penalties for noncompliance. CTI Technology believes compliance with HIPAA Rules is essential for protecting patient privacy, improving data security, and reducing fraudulent activity. The company educates its clients on the measures required to ensure compliance with the HIPAA Security Rule and how, through compliance, cyberattacks can be thwarted and regulatory fines avoided. CTI Technology has recently completed Compliancy Group’s 6-stage risk analysis and...

Read More
IT Service Provider Choose Networks Achieves HIPAA Compliance with Compliancy Group
Aug26

IT Service Provider Choose Networks Achieves HIPAA Compliance with Compliancy Group

The Wichita, KS-based IT service provider, Choose Networks, has achieved HIPAA compliance with Compliancy Group. Choose Networks was established in 2001 to provide small to medium sized businesses with enterprise-grade IT support. The company now employs over 35 people and provides IT support services to a wide range of companies, including many in the healthcare industry. As an IT service provider, Choose Networks requires access to systems containing protected health information. As such, the company is considered a HIPAA business associate and is required to comply with HIPAA Rules. In order to ensure that all requirements of HIPAA have been met and to demonstrate the company follows the same policies, procedures, and administrative practices as its healthcare clients, Choose Networks partnered with Compliancy Group and completed its 6-Stage HIPAA risk analysis and remediation process. “Choose Networks delivers an excellent customer experience, and this doesn’t stop with technical guidance and support. It is paramount to do everything it takes to protect our customers,”...

Read More
Webinar: Aug 21, 2019: Why Your Organization Needs More Than Just Training If You Want To Be HIPAA Compliant?
Aug21

Webinar: Aug 21, 2019: Why Your Organization Needs More Than Just Training If You Want To Be HIPAA Compliant?

On August 21, 2019. HIPAA Journal Sponsor, Compliancy Group, will be hosting a webinar entitled “Why your organization needs more than just training if you want to be HIPAA compliant?” If you are a HIPAA covered entity or business associate, compliance with the Health Insurance Portability and Accountability Act is mandatory. All employees must be trained on HIPAA and should understand how the legislation applies to their role in the organization. With the workforce trained on privacy and security and aware of the allowable uses and disclosures permitted by the HIPAA Privacy Rule, employees will be able to complete their work duties in full compliance with HIPAA and avoid financial penalties. HIPAA compliance requires an ongoing commitment to achieve the required standards for privacy and security and ensure those standards are maintained. To find out more about what’s entailed, Compliancy Group is holding a webinar. During this webinar, Compliancy Group President and CEO Marc Haskelson will explain: How to meet all federal requirements for effective HIPAA training How...

Read More
Direct Connect Computer Systems Inc. Recognized as HIPAA Compliant
Aug16

Direct Connect Computer Systems Inc. Recognized as HIPAA Compliant

The Cleveland, OH-based technology solution provider, Direct Connect Computer Systems, Inc., has demonstrated the company is fully compliant with Health Insurance Portability and Accountability Act (HIPAA) Rules. Companies that provide technology solutions and services to healthcare clients that require contact with electronic protected health information (ePHI) are classed as ‘business associates’ under HIPAA. Business associates of HIPAA covered entities must ensure they are fully compliant with the HIPAA Privacy, Security, Omnibus, and Breach Notification Rules, and must ensure the confidentiality, integrity, and availability of ePHI at all times. Business associates face substantial fines if they are discovered not to be compliant with HIPAA Rules. In order to start providing products and services to healthcare organizations, companies must be able to provide reasonable assurances that they are fully compliant with HIPAA Rules. To help provide those assurances and demonstrate the company’s commitment to privacy and security, Direct Connect Computer Systems, Inc., partnered with...

Read More
Compliancy Group Appoints New HIPAA Attorney
Aug07

Compliancy Group Appoints New HIPAA Attorney

Compliancy Group has announced the appointment of a new, experienced healthcare attorney and legal researcher who has been tasked with helping to simplify the complex requirements of the Health Insurance Portability and Accountability Act (HIPAA) to make them more understandable to the company’s clients and the public at large. Daniel Lebovic, a graduate of Emory University School of Law, will join Compliancy Group’s Content Management Team. Lebovic has a background in healthcare law and translating complex legal documents into written content that can be easily understood by individuals without a legal background. Much has changed in healthcare over the last 20 years since HIPAA was enacted. Ensuring continued compliance with HIPAA as work practices change and new technology is introduced can be a major challenge, one that requires a thorough understanding of the nuances of HIPAA. HIPAA contains a set of standards for healthcare organizations of all sizes, from single doctor practices to the nation’s largest health systems and health insurers but it does not say how those...

Read More
Qmetis Inc. Demonstrates HIPAA Compliant Status by Completing Compliancy Group HIPAA Risk Analysis Program
Jul31

Qmetis Inc. Demonstrates HIPAA Compliant Status by Completing Compliancy Group HIPAA Risk Analysis Program

The NY-based healthcare technology company Qmetis has successfully completed Compliancy Group’s 6-Stage HIPAA Risk Analysis and remediation process and has been confirmed as being in compliance with Health Insurance Portability and Accountability Act (HIPAA) Rules for HIPAA business associates. Qmetis develops web-based interactive quality assessment and quality assurance decision-support tools for healthcare professionals. The tools help hospitals and medical centers, and physician’s offices consistently deliver evidence-based care to patients. The tools are used in real-time at a patient’s bedside and support treatment decisions. Healthcare organizations that have adopted the tools have been able to improve outcomes and reduce costs. The tools developed by Qmetis interact with patient health information, so the company is considered a business associate under HIPAA and is required to comply with HIPAA Rules. The company had already developed a HIPAA compliance program, but as part of its continuing commitment to compliance, the company partnered with the Compliancy Group and used...

Read More
Computer Doc Achieves HIPAA Compliance with Compliancy Group
Jul24

Computer Doc Achieves HIPAA Compliance with Compliancy Group

Compliancy Group has announced that the Indian Trail, NC-based IT firm Computer Doc is compliant with the HIPAA Privacy, Security, Breach Notification, Omnibus Rules and the requirements of the HITECH Act. Since 1997, Computer Doc has been providing IT support and consultancy services to businesses in and around Charlotte, NC. The firm focuses on providing IT support to small to medium sized businesses to help them increase productivity, improve efficiency, and boost profitability through the intelligent use of IT. In order to reassure healthcare companies that the firm is aware of the requirements of HIPAA and is committed to providing a HIPAA-compliant IT support service, Computer Doc signed up with the Compliancy Group and was guided through the compliance process. “With HIPAA violation fine enforcement up 400% in recent years and series of high-profile breaches and multi-million dollar settlements that drew national attention, the importance of HIPAA compliance for both IT service providers (BAs) and their healthcare IT clients (CEs) has never been more urgent,” explained...

Read More
Selarom Demonstrates Compliance with HIPAA Regulations
Jul16

Selarom Demonstrates Compliance with HIPAA Regulations

El Monte, CA-based Selarom is a specialist cybersecurity firm that provides services to healthcare organizations to help them secure their sensitive data and comply with HIPAA Rules. The company now offers a ‘HIPAA Compliance Complete Solution’ and provides a comprehensive security package for both the managerial and technical sides of organizations. Ensuring sensitive information stays private and confidential is the company’s No1 priority. HIPAA compliance is more important today than ever before. The number of cyberattacks on healthcare organizations has reached unprecedented levels. 500+ record healthcare data breaches now being reported at a rate of more than one a day. If a breach occurs, the HHS’ Office for Civil Rights will investigate and ask for evidence of HIPAA compliance. Many small healthcare providers struggle to comply with all provisions of the HIPAA Privacy and Security Rules. In the event of a breach or audit, those providers will be at risk of regulatory fines. Selarom helps companies secure their data and prevent data breaches. The company ensures that in the...

Read More
Sublime Computer Services Achieves HIPAA Compliance Program Success
Jul01

Sublime Computer Services Achieves HIPAA Compliance Program Success

The Compliancy Group has announced that the Nashville, TN-based IT managed service provider Sublime Computer Services has implemented an effective HIPAA compliance program and has demonstrated compliance with all aspects of HIPAA. Sublime Computer Services was formed in 2008 and since been providing a range of IT services to small to medium sized businesses in the Nashville area and beyond, including many in the healthcare industry.  The company serves as a third-party IT department for its clients, and as such, its services involve contact with systems containing electronic protected health information (ePHI). As such, Sublime Computer Services must sign a business associate agreement with healthcare organizations and agree to comply with all requirements of HIPAA when providing its services and support. Any HIPAA compliance failure can potentially result in a financial penalty for healthcare organizations and their business associates. It is therefore important to ensure that no aspect of HIPAA has been missed. Sublime Computer Services was already providing services to...

Read More
Compliancy Group Confirms TSP Technology Inc has Achieved HIPAA Compliance
Jun26

Compliancy Group Confirms TSP Technology Inc has Achieved HIPAA Compliance

Portland, OR-based TSP Technology provides a range of technology services to businesses, helping them to realize the benefits of new technologies without having to have the technical knowhow to implement those technologies. Naturally, in order to provide IT services to healthcare organizations, TSP Technology is likely to come into contact with private health information. As such, the company is considered a business associate and is required to enter into business associate agreements with healthcare organizations before its services can be provided. The business associate agreement confirms that TSP Technology is aware of its responsibilities under HIPAA Rules and agrees to comply with its provisions. TSP Technology was already providing services to healthcare companies and had signed business associate agreements with several healthcare companies. HIPAA training had been provided to staff, but it only covered the basics. ePHI was protected and key staff were aware of the allowable uses and disclosures of ePHI, but only a select number of employees had received training....

Read More
Statewide Collection Service Confirmed HIPAA Compliant by Compliancy Group
Jun18

Statewide Collection Service Confirmed HIPAA Compliant by Compliancy Group

Statewide Collection Service is a full-service accounts receivable management firm and risk assessment provider serving the healthcare industry. The firm has recently completed the Compliancy Group’s Six Stage implementation process and has been awarded its HIPAA Seal of Compliance. Companies that do business with healthcare organizations whose products and services require contact with patient data are required to comply with Health Insurance Portability and Accountability Act (HIPAA) Rules. HIPAA sets standards to ensure patients’ protected health information is secured and remains private and confidential at all times. Statewide Collection Service was formed in 1981 and, as a reputable accounts receivable management firm, is committed to maintaining positive relationships with clients and ensuring any data provided remains private and confidential. Statewide Collection Service wanted to demonstrate it was in compliance with all federally mandated standards and had the technical, physical, and administrative safeguards in place to ensure every patient identifier was totally...

Read More
How Phone.com Started as a HIPAA Business Associate
Jun12

How Phone.com Started as a HIPAA Business Associate

Getting started as a business associate and entering into the healthcare sphere can be a major challenge, but the potential rewards are considerable, as Phone.com discovered. Breaking into the Healthcare Industry Companies that provide services and products to healthcare clients that require contact with protected health information (PHI) are considered business associates under Health Insurance Portability and Accountability Act (HIPAA) Rules. As such, they must implement policies and procedures to ensure they comply with HIPAA Rules, sign business associate agreements with HIPAA-covered entities, and need to ensure safeguards are implemented to ensure the confidentiality, integrity, and availability of any ePHI that they are provided with. For many businesses, having to comply with HIPAA stops them from expanding into this potentially very lucrative market. Not only is it necessary to commit resources to compliance, any failures could result in a considerable financial penalty. The HHS’ Office for Civil Rights has recently confirmed that there are 10 aspects of HIPAA Rules which...

Read More
HealthChampion has HIPAA Compliance Confirmed
Jun09

HealthChampion has HIPAA Compliance Confirmed

HealthChampion, a Chicago, IL-based electronic health app developer, has successfully completed a HIPAA assessment and has been confirmed as having met the requirements of HIPAA and the HITECH Act for its health records platform. HealthChampion empowers patients by giving them easy access to their health records. Health Champion gives patients control of their health information which allows them to take a more active role in their healthcare and obtain the information and medical services they need to help them achieve their health goals. The company believes that a patient should be able to gain access to their health information as easily as they can access their credit score. Companies that develop software solutions that interact with electronic protected health information are required to be compliant with the Health Insurance Portability and Accountability Act (HIPAA). HIPAA demands safeguards be implemented to ensure the confidentiality, integrity, and availability of health information and contains numerous provisions related to the privacy and security of health data....

Read More
Online Computers HIPAA Compliance Program Successfully Completed
Feb02

Online Computers HIPAA Compliance Program Successfully Completed

The Whippany, NJ-based specialist IT firm Online Computers LLC provides state-of-the-art IT support, services, and products to companies to help them get the most out of their technology investments. The company has more than 50 staff and supports more than 135 businesses and NPOs and provides the technology to support more than 10,000 end users. The company is now expanding into the healthcare sector and already provides services to a range of healthcare organizations. Before the company could provide a full range of IT services to the healthcare sector, it was first necessary to enter into business associate agreements with HIPAA-covered entities. Providing IT services means coming into contact with protected health information (PHI). As such, healthcare organizations would require the firm to comply with Health Insurance Portability and Accountability Act Rules. The process of becoming HIPAA compliant can be complicated for SMBs. Further, if mistakes are made, the consequences can be severe. State and federal regulators can issue significant fines for noncompliance. In order to...

Read More
Houston MSP FelinePC Confirmed HIPAA Compliant
Jan25

Houston MSP FelinePC Confirmed HIPAA Compliant

Compliancy Group has awarded FelinePC the HIPAA Seal of Compliance after the successful completion of its compliance program. FelinePC is a managed service provider based in Houston, TX, which provides managed IT and IT support services to clients in the healthcare industry. Since those services require FelinePC to access systems that contain electronic protected health information, FelinePC is classed as a HIPAA business associate. As such, the company is subject to strict regulations and must ensure it keeps protected health information secured and meets its obligations under the HIPAA Privacy and Security Rules. Since the passing of the HIPAA Omnibus Rule in 2013, business associates of HIPAA-covered entities have a legal requirement, rather than a contractual requirement, to comply with HIPAA Rules. Business associates can be fined directly for HIPAA violations and the enforcement of compliance has increased significantly in recent years. Compliance is something that must be taken seriously. Navigating the complexities of HIPAA can be a major challenge for managed service...

Read More
Carolina Innovative Research HIPAA Compliance Commitment Pays Off
Dec28

Carolina Innovative Research HIPAA Compliance Commitment Pays Off

Carolina Innovative Research has been re-affirmed as HIPAA compliant by the Compliancy Group after successfully completing its compliance program using The Guard, Compliancy Group’s proprietary compliance tracking solution. Columbia, SC-based Carolina Innovative Research (CI) is a leading provider of IT support services to businesses in South Carolina and beyond. The company offers specialist IT services to the healthcare and law industries and helps its customers mitigate cybersecurity and compliance issues through its business continuity, disaster recovery, and managed IT services. In order to provide a full range of managed services to healthcare providers, CI had to implement a range of safeguards to ensure sensitive information was always secured and HIPAA requirements for business associates were satisfied. Any company starting out on a compliance journey will soon discover that complying with HIPAA involves much more than conducting a risk assessment, plugging security gaps, and signing a business associate agreement. “It really requires an organizational commitment,...

Read More
HIPAA Quiz Launched by Compliancy Group
Sep26

HIPAA Quiz Launched by Compliancy Group

A new HIPAA Quiz has been launched by the Compliancy Group, which serves as a quick and easy free tool to assess the current state of HIPAA compliance in an organization.   Healthcare organizations that have implemented policies and procedures to comply with the Health Insurance Portability and Accountability Act (HIPAA) Rules may think that they are fully compliant with all provisions of the HIPAA Privacy, Security, and Breach Notification Rules. However, HHS’ Office for Civil Rights (OCR) compliance audits and investigations into data breaches and complaints often reveal certain requirements of HIPAA have been missed or misinterpreted. OCR investigates all breaches of more than 500 records and so far in 2018, six financial penalties have been issued to HIPAA covered entities to resolve HIPAA violations. The average settlement/civil monetary penalty in 2018 is $1,491,166. State attorneys general also investigate data breaches and complaints and can also issue fines for noncompliance with HIPAA Rules. There have been five fines issued by state attorneys general in 2018 to resolve...

Read More
The Compliancy Group Helps Imperial Valley Family Care Medical Group Pass HIPAA Audit
Sep20

The Compliancy Group Helps Imperial Valley Family Care Medical Group Pass HIPAA Audit

The Department of Health and Human Services’ Office for Civil Rights commenced the second round of HIPAA compliance audits late last year. The audit program consists of desk-based audits of HIPAA-covered entities and business associates, followed by a round of in-depth audits involving site visits. The desk audits have been completed, with the site audits put on hold and expected to commence in early 2018. Only a small number of covered entities have been selected to be audited as part of the second phase of compliance audits; however, covered entities that have escaped an audit may still be required to demonstrate they are in compliance with HIPAA Rules. In addition to the audit program, any HIPAA-covered entities that experiences a breach of more than 500 records will be investigated by OCR to determine whether the breach was the result of violations of HIPAA Rules. OCR also investigates complaints submitted through the HHS website. The first round of HIPAA compliance audits in 2011/2012 did not result in any financial penalties being issued, but that may not be the case for the...

Read More