ProtoLytic, LLC Verified as HIPAA-Compliant by Compliancy Group
Nov16

ProtoLytic, LLC Verified as HIPAA-Compliant by Compliancy Group

ProtoLytic, LLC, the Tampa, FL-based developer of decision support tools for medical cost management, has been confirmed as HIPAA-compliant by Compliancy Group. ProtoLytic tools are used by healthcare providers to develop treatment plans for patients using evidence-based guidelines and demographic data to help claims adjusters process referrals and medical service requests and reduce time to quality of care. The company has also developed a predictive modelling information system to determine the treatment and medical services patients with specific health conditions are likely to need. These software solutions naturally come into contact with electronic protected health information (PHI). Consequently, ProtoLytic is classed as a business associate under Health Insurance Portability and Accountability Act (HIPAA) Rules. In addition to entering into a business associate agreement (BAA) with HIPAA-covered entities, ProtoLytic is must ensure safeguards are implemented to ensure the confidentiality, integrity, and availability of ePHI and the company and its employees must adhere to...

Read More
EnTech Confirms HIPAA-Compliant Status with Compliancy Group
Nov15

EnTech Confirms HIPAA-Compliant Status with Compliancy Group

The Fort Myers, FL-based managed IT service provider, EnTech, has been confirmed as in compliance with Health Insurance Portability and Accountability Act (HIPAA) Rules by Compliancy Group. Entech has been serving businesses in Southwest Florida for more than 20 years. The company offers managed IT and integration services to help businesses get the most out of information technology, along with strategic technology consultancy services to help businesses choose the best IT architectures to meet their needs. In order to provide those services to healthcare organizations, EnTech is required to comply with HIPAA Rules. The company must implement appropriate safeguards to ensure the confidentiality, integrity, and availability of electronic protected health information (ePHI) and its employees made aware of their responsibilities with respect to HIPAA and ePHI. Assisted by Compliancy Group’s HIPAA coaches and using “The Guard” compliance tracking solution, EnTech has successfully completed Compliancy Group’s 6-Stage Risk Analysis and Remediation Process. Successful completion of that...

Read More
Web Event: Solving the HIPAA Problem with Compliancy Group: Demonstration of The Guard HIPAA Compliance Software
Nov11

Web Event: Solving the HIPAA Problem with Compliancy Group: Demonstration of The Guard HIPAA Compliance Software

HIPAA Journal Sponsor, Compliancy Group, will be hosting a group demonstration of its HIPAA compliance software solution, The Guard, on Wednesday, November 20, 2019 at 14:00 ET. The event will give you the opportunity to find out more about how The Guard simplifies HIPAA compliance and how it can help your organization meet all requirements of the HIPAA Privacy, Security, Breach Notification, and Omnibus Rules. The Guard is a proprietary software solution that simplifies compliance with HPAA Rules and covers all aspects of the Health Insurance Portability and Accountability Act. The software is based on Compliancy Group’s “Achieve, Illustrate, and Maintain” methodology, and will not only help covered entities and business associates develop a compliance program, it will help them ensure that compliance is maintained. By simplifying the compliance process, covered entities and business associates can focus on running their businesses and practices. The Guard includes intuitive training and assistance from Compliancy Group’s compliance coaches along with HIPAA assessments...

Read More
Speakap Confirmed as HIPAA Compliant by Compliancy Group
Nov07

Speakap Confirmed as HIPAA Compliant by Compliancy Group

The communication platform provider Speakap has announced it has achieved compliance with Health Insurance Portability and Accountability Act (HIPAA) Rules with Compliancy Group. Speakap has developed a communications platform that helps healthcare organizations communicate quickly and efficiently with their frontline staff, even if they do not have easy access to computers. Through a mobile app, healthcare organizations can maintain contact with deskless workers and communicate with the entire workforce through a desktop version of the app. The app is used by businesses in a wide range of industry sectors; however, in order to offer the communications solution to the healthcare industry, Speakap needed to ensure that its platform, policies, and procedures were in full compliance with HIPAA Rules. Since the platform can be used to communicate ePHI, Speakap is classed as a business associate under HIPAA and must ensure administrative, physical, and technical safeguards are incorporated into its solution and the company fulfils its responsibilities with respect to HIPAA. To ensure...

Read More
Webinar: Your 2019 MIPS Security Risk Analysis: 6 Steps to Compliance (11/14/19)
Nov06

Webinar: Your 2019 MIPS Security Risk Analysis: 6 Steps to Compliance (11/14/19)

Healthcare organizations often struggle with risk analyses, as OCR’s HIPAA enforcement actions clearly show. The risk analysis is the most common HIPAA violation cited in OCR’s enforcement actions. The risk analysis is essential as it allows healthcare organizations to identify all risks to the confidentiality, integrity, and availability of ePHI. Those risks can then be reduced to a reasonable and acceptable level. A risk assessment should be completed regularly, with the frequency determined by the circumstances of their environment. For many healthcare organizations, this will be annually. An annual security risk analysis (SRA) is a requirement of the 2019 MIPS Performance Year to comply with Promoting Interoperability. The SRA makes up 25% of the performance score so it is essential that this critical process is completed. The deadline for completing the SRA is December 31, 2019. If you have yet to conduct your SRA for 2019 and are not yet ready to attest to meeting this objective, help is at hand. HIPAA Journal sponsor, Compliancy Group, is hosting a webinar in conjunction...

Read More
Compliancy Group Helps Technology Response Team Achieve HIPAA Compliance
Nov05

Compliancy Group Helps Technology Response Team Achieve HIPAA Compliance

Compliancy Group has announced that Technology Response Team has successfully completed its 6-stage HIPAA risk analysis and remediation process and has demonstrated compliance with the standards of the HIPAA Privacy, Security, Breach Notification, and Omnibus Rules. Technology Response Team is a Managed Service Provider (MSP) based in Denver, CO that provides a wide range of IT support and cybersecurity services to healthcare organizations in the Denver Front Range and helps them succeed through the use of technology. The company translates complex computer terminology into language that can be easily understood by its clients and helps them implement IT solutions that improve efficiency and protect against malicious attacks. Naturally, the services provided to healthcare organizations mean the company will come into contact with systems used to create, receive, store, process, and transmit electronic protected health information. As such, Technology Response Team is classed as a business associate and is required to comply with HIPAA. Technology Response Team is committed to...

Read More
Compliancy Group Confirms Integrated Technology Group is HIPAA Compliant
Oct25

Compliancy Group Confirms Integrated Technology Group is HIPAA Compliant

Integrated Technology Group, a leading healthcare-industry focused managed service provider (MSP) in the Central Virginia region, has achieved HIPAA compliance with Compliancy Group and has demonstrated its policies and procedures are fully compliant with the HIPAA Privacy, Security, Omnibus, and Breach Notification Rules and the requirements of the HITECH Act. Integrated Technology Group is primarily focused on providing managed information technology services to private medical practices to help them focus on what they do best – providing care to patients. Initially the company’s main focus was providing break-fix services. Today the company offers a wide range of managed IT services, including helping medical practices with cloud integrations, continuity planning, implementing VOIP solutions, and securing their networks. Since the provision of those services requires access to systems containing patients’ electronic protected health information, Integrated Technology Group is classed as a business associate under Health Insurance Portability and Accountability Act Rules....

Read More
Webinar: Atlantic.Net and Compliancy Group Offer Help on Cybersecurity and HIPAA Compliance
Oct23

Webinar: Atlantic.Net and Compliancy Group Offer Help on Cybersecurity and HIPAA Compliance

The HIPAA-compliant hosting company, Atlantic.net, is teaming up with HIPAA-compliance specialists Compliancy Group for a webinar to explain some easy-to-implement steps healthcare organizations can take to quickly improve their security posture, become more resilient to cyberattacks, and ensure they continue to stay compliant with HIPAA regulations. Healthcare organizations are being targeted by cybercriminals for the data they hold. Patient data can be sold for big bucks on the black market, there a growing trade in stolen healthcare login credentials, and ransomware is being used to extort money from hospitals and medical practices. For the past two months, healthcare data breaches have been reported at a rate of more than 1.5 per day, which is twice the rate of 2018. Cybersecurity has never been more important. Many practices lack the internal resources to devote to cybersecurity and budgets are stretched. Finding the funds to devote to improving cybersecurity protections can be a major challenge, so it is important to ensure any additional funding is well spent. In the...

Read More
Webinar: Social Media and HIPAA Compliance: Protecting Your Practice in the Digital Age
Sep17

Webinar: Social Media and HIPAA Compliance: Protecting Your Practice in the Digital Age

Social media is a potential minefield for HIPAA violations. One impulsive response to an online review could violate the privacy of a patient, breach HIPAA Rules, and leave and the practice at risk of a significant HIPAA violation penalty. In the digital age, healthcare providers have to deal with a whole new set of privacy concerns. Social media cannot be avoided, so it is important to understand what must be done to protect the business. “Proactively generating reviews and also responding to them effectively, in a timely manner is essential to marketing your practice. However, without proper precaution, health care providers could face serious privacy breaches and even HIPAA violations,” said Liam. In the webinar, Liam will explain how healthcare providers can respond to reviews in a manner that minimizes legal risk, while remaining fully compliant with HIPAA regulations. Register for our upcoming webinar to find out how to manage your online reputation–without risking your practice. Webinar Details: Date:    Tuesday, September 17th Time:    2:00 pm ET/11:00 am PT...

Read More
Compliancy Group Confirms Integration Link LLC is in Compliance with HIPAA and the HITECH Act
Sep17

Compliancy Group Confirms Integration Link LLC is in Compliance with HIPAA and the HITECH Act

Integration Link, LLC, a provider of cybersecurity consultancy services and virtual Chief Information Security Officers to small to large enterprises, has completed Compliancy Group’s 6-Stage HIPAA Risk Analysis and remediation process and has demonstrated full compliance with all provisions of the HIPAA Privacy, Security, Breach Notification, and Omnibus Rules and the HITECH Act. Finding suitable candidates to fill the position of Chief Information Security Officer can be a major challenge for healthcare organizations. There is a nationwide shortage of sufficiently skilled individuals and many positions remain vacant. Some enterprises simply cannot afford to hire a fulltime Chief Information Security Officer. Integration Link addresses the gap by providing virtual Chief Information Security Officers to guide organizations through the process of reducing risks to protected health information and information assets. Naturally, such a service requires staff at Integration Link to be provided with access to systems that contain protected health information, which makes the company a...

Read More
CTI Technology Confirmed as HIPAA Compliant
Aug28

CTI Technology Confirmed as HIPAA Compliant

CTI Technology, an Elgin, IL-based managed IT service provider, has demonstrated compliance with the Health Insurance Portability and Accountability Act (HIPAA) Rules using Compliancy Group’s proprietary HIPAA methodology and compliance tracking solution, The Guard. Any company that provides a product or service to healthcare organizations that requires access to systems containing protected health information (PHI) is classed as a HIPAA business associate. Following the introduction of the HIPAA Omnibus Final Rule, all business associates of HIPAA-covered entities must comply with HIPAA Rules or face stiff financial penalties for noncompliance. CTI Technology believes compliance with HIPAA Rules is essential for protecting patient privacy, improving data security, and reducing fraudulent activity. The company educates its clients on the measures required to ensure compliance with the HIPAA Security Rule and how, through compliance, cyberattacks can be thwarted and regulatory fines avoided. CTI Technology has recently completed Compliancy Group’s 6-stage risk analysis and...

Read More
IT Service Provider Choose Networks Achieves HIPAA Compliance with Compliancy Group
Aug26

IT Service Provider Choose Networks Achieves HIPAA Compliance with Compliancy Group

The Wichita, KS-based IT service provider, Choose Networks, has achieved HIPAA compliance with Compliancy Group. Choose Networks was established in 2001 to provide small to medium sized businesses with enterprise-grade IT support. The company now employs over 35 people and provides IT support services to a wide range of companies, including many in the healthcare industry. As an IT service provider, Choose Networks requires access to systems containing protected health information. As such, the company is considered a HIPAA business associate and is required to comply with HIPAA Rules. In order to ensure that all requirements of HIPAA have been met and to demonstrate the company follows the same policies, procedures, and administrative practices as its healthcare clients, Choose Networks partnered with Compliancy Group and completed its 6-Stage HIPAA risk analysis and remediation process. “Choose Networks delivers an excellent customer experience, and this doesn’t stop with technical guidance and support. It is paramount to do everything it takes to protect our customers,”...

Read More
Webinar: Aug 21, 2019: Why Your Organization Needs More Than Just Training If You Want To Be HIPAA Compliant?
Aug21

Webinar: Aug 21, 2019: Why Your Organization Needs More Than Just Training If You Want To Be HIPAA Compliant?

On August 21, 2019. HIPAA Journal Sponsor, Compliancy Group, will be hosting a webinar entitled “Why your organization needs more than just training if you want to be HIPAA compliant?” If you are a HIPAA covered entity or business associate, compliance with the Health Insurance Portability and Accountability Act is mandatory. All employees must be trained on HIPAA and should understand how the legislation applies to their role in the organization. With the workforce trained on privacy and security and aware of the allowable uses and disclosures permitted by the HIPAA Privacy Rule, employees will be able to complete their work duties in full compliance with HIPAA and avoid financial penalties. HIPAA compliance requires an ongoing commitment to achieve the required standards for privacy and security and ensure those standards are maintained. To find out more about what’s entailed, Compliancy Group is holding a webinar. During this webinar, Compliancy Group President and CEO Marc Haskelson will explain: How to meet all federal requirements for effective HIPAA training How...

Read More
Direct Connect Computer Systems Inc. Recognized as HIPAA Compliant
Aug16

Direct Connect Computer Systems Inc. Recognized as HIPAA Compliant

The Cleveland, OH-based technology solution provider, Direct Connect Computer Systems, Inc., has demonstrated the company is fully compliant with Health Insurance Portability and Accountability Act (HIPAA) Rules. Companies that provide technology solutions and services to healthcare clients that require contact with electronic protected health information (ePHI) are classed as ‘business associates’ under HIPAA. Business associates of HIPAA covered entities must ensure they are fully compliant with the HIPAA Privacy, Security, Omnibus, and Breach Notification Rules, and must ensure the confidentiality, integrity, and availability of ePHI at all times. Business associates face substantial fines if they are discovered not to be compliant with HIPAA Rules. In order to start providing products and services to healthcare organizations, companies must be able to provide reasonable assurances that they are fully compliant with HIPAA Rules. To help provide those assurances and demonstrate the company’s commitment to privacy and security, Direct Connect Computer Systems, Inc., partnered with...

Read More
Compliancy Group Appoints New HIPAA Attorney
Aug07

Compliancy Group Appoints New HIPAA Attorney

Compliancy Group has announced the appointment of a new, experienced healthcare attorney and legal researcher who has been tasked with helping to simplify the complex requirements of the Health Insurance Portability and Accountability Act (HIPAA) to make them more understandable to the company’s clients and the public at large. Daniel Lebovic, a graduate of Emory University School of Law, will join Compliancy Group’s Content Management Team. Lebovic has a background in healthcare law and translating complex legal documents into written content that can be easily understood by individuals without a legal background. Much has changed in healthcare over the last 20 years since HIPAA was enacted. Ensuring continued compliance with HIPAA as work practices change and new technology is introduced can be a major challenge, one that requires a thorough understanding of the nuances of HIPAA. HIPAA contains a set of standards for healthcare organizations of all sizes, from single doctor practices to the nation’s largest health systems and health insurers but it does not say how those...

Read More
Qmetis Inc. Demonstrates HIPAA Compliant Status by Completing Compliancy Group HIPAA Risk Analysis Program
Jul31

Qmetis Inc. Demonstrates HIPAA Compliant Status by Completing Compliancy Group HIPAA Risk Analysis Program

The NY-based healthcare technology company Qmetis has successfully completed Compliancy Group’s 6-Stage HIPAA Risk Analysis and remediation process and has been confirmed as being in compliance with Health Insurance Portability and Accountability Act (HIPAA) Rules for HIPAA business associates. Qmetis develops web-based interactive quality assessment and quality assurance decision-support tools for healthcare professionals. The tools help hospitals and medical centers, and physician’s offices consistently deliver evidence-based care to patients. The tools are used in real-time at a patient’s bedside and support treatment decisions. Healthcare organizations that have adopted the tools have been able to improve outcomes and reduce costs. The tools developed by Qmetis interact with patient health information, so the company is considered a business associate under HIPAA and is required to comply with HIPAA Rules. The company had already developed a HIPAA compliance program, but as part of its continuing commitment to compliance, the company partnered with the Compliancy Group and used...

Read More
Computer Doc Achieves HIPAA Compliance with Compliancy Group
Jul24

Computer Doc Achieves HIPAA Compliance with Compliancy Group

Compliancy Group has announced that the Indian Trail, NC-based IT firm Computer Doc is compliant with the HIPAA Privacy, Security, Breach Notification, Omnibus Rules and the requirements of the HITECH Act. Since 1997, Computer Doc has been providing IT support and consultancy services to businesses in and around Charlotte, NC. The firm focuses on providing IT support to small to medium sized businesses to help them increase productivity, improve efficiency, and boost profitability through the intelligent use of IT. In order to reassure healthcare companies that the firm is aware of the requirements of HIPAA and is committed to providing a HIPAA-compliant IT support service, Computer Doc signed up with the Compliancy Group and was guided through the compliance process. “With HIPAA violation fine enforcement up 400% in recent years and series of high-profile breaches and multi-million dollar settlements that drew national attention, the importance of HIPAA compliance for both IT service providers (BAs) and their healthcare IT clients (CEs) has never been more urgent,” explained...

Read More
Selarom Demonstrates Compliance with HIPAA Regulations
Jul16

Selarom Demonstrates Compliance with HIPAA Regulations

El Monte, CA-based Selarom is a specialist cybersecurity firm that provides services to healthcare organizations to help them secure their sensitive data and comply with HIPAA Rules. The company now offers a ‘HIPAA Compliance Complete Solution’ and provides a comprehensive security package for both the managerial and technical sides of organizations. Ensuring sensitive information stays private and confidential is the company’s No1 priority. HIPAA compliance is more important today than ever before. The number of cyberattacks on healthcare organizations has reached unprecedented levels. 500+ record healthcare data breaches now being reported at a rate of more than one a day. If a breach occurs, the HHS’ Office for Civil Rights will investigate and ask for evidence of HIPAA compliance. Many small healthcare providers struggle to comply with all provisions of the HIPAA Privacy and Security Rules. In the event of a breach or audit, those providers will be at risk of regulatory fines. Selarom helps companies secure their data and prevent data breaches. The company ensures that in the...

Read More
Sublime Computer Services Achieves HIPAA Compliance Program Success
Jul01

Sublime Computer Services Achieves HIPAA Compliance Program Success

The Compliancy Group has announced that the Nashville, TN-based IT managed service provider Sublime Computer Services has implemented an effective HIPAA compliance program and has demonstrated compliance with all aspects of HIPAA. Sublime Computer Services was formed in 2008 and since been providing a range of IT services to small to medium sized businesses in the Nashville area and beyond, including many in the healthcare industry.  The company serves as a third-party IT department for its clients, and as such, its services involve contact with systems containing electronic protected health information (ePHI). As such, Sublime Computer Services must sign a business associate agreement with healthcare organizations and agree to comply with all requirements of HIPAA when providing its services and support. Any HIPAA compliance failure can potentially result in a financial penalty for healthcare organizations and their business associates. It is therefore important to ensure that no aspect of HIPAA has been missed. Sublime Computer Services was already providing services to...

Read More
Compliancy Group Confirms TSP Technology Inc has Achieved HIPAA Compliance
Jun26

Compliancy Group Confirms TSP Technology Inc has Achieved HIPAA Compliance

Portland, OR-based TSP Technology provides a range of technology services to businesses, helping them to realize the benefits of new technologies without having to have the technical knowhow to implement those technologies. Naturally, in order to provide IT services to healthcare organizations, TSP Technology is likely to come into contact with private health information. As such, the company is considered a business associate and is required to enter into business associate agreements with healthcare organizations before its services can be provided. The business associate agreement confirms that TSP Technology is aware of its responsibilities under HIPAA Rules and agrees to comply with its provisions. TSP Technology was already providing services to healthcare companies and had signed business associate agreements with several healthcare companies. HIPAA training had been provided to staff, but it only covered the basics. ePHI was protected and key staff were aware of the allowable uses and disclosures of ePHI, but only a select number of employees had received training....

Read More
Statewide Collection Service Confirmed HIPAA Compliant by Compliancy Group
Jun18

Statewide Collection Service Confirmed HIPAA Compliant by Compliancy Group

Statewide Collection Service is a full-service accounts receivable management firm and risk assessment provider serving the healthcare industry. The firm has recently completed the Compliancy Group’s Six Stage implementation process and has been awarded its HIPAA Seal of Compliance. Companies that do business with healthcare organizations whose products and services require contact with patient data are required to comply with Health Insurance Portability and Accountability Act (HIPAA) Rules. HIPAA sets standards to ensure patients’ protected health information is secured and remains private and confidential at all times. Statewide Collection Service was formed in 1981 and, as a reputable accounts receivable management firm, is committed to maintaining positive relationships with clients and ensuring any data provided remains private and confidential. Statewide Collection Service wanted to demonstrate it was in compliance with all federally mandated standards and had the technical, physical, and administrative safeguards in place to ensure every patient identifier was totally...

Read More
How Phone.com Started as a HIPAA Business Associate
Jun12

How Phone.com Started as a HIPAA Business Associate

Getting started as a business associate and entering into the healthcare sphere can be a major challenge, but the potential rewards are considerable, as Phone.com discovered. Breaking into the Healthcare Industry Companies that provide services and products to healthcare clients that require contact with protected health information (PHI) are considered business associates under Health Insurance Portability and Accountability Act (HIPAA) Rules. As such, they must implement policies and procedures to ensure they comply with HIPAA Rules, sign business associate agreements with HIPAA-covered entities, and need to ensure safeguards are implemented to ensure the confidentiality, integrity, and availability of any ePHI that they are provided with. For many businesses, having to comply with HIPAA stops them from expanding into this potentially very lucrative market. Not only is it necessary to commit resources to compliance, any failures could result in a considerable financial penalty. The HHS’ Office for Civil Rights has recently confirmed that there are 10 aspects of HIPAA Rules which...

Read More
HealthChampion has HIPAA Compliance Confirmed
Jun09

HealthChampion has HIPAA Compliance Confirmed

HealthChampion, a Chicago, IL-based electronic health app developer, has successfully completed a HIPAA assessment and has been confirmed as having met the requirements of HIPAA and the HITECH Act for its health records platform. HealthChampion empowers patients by giving them easy access to their health records. Health Champion gives patients control of their health information which allows them to take a more active role in their healthcare and obtain the information and medical services they need to help them achieve their health goals. The company believes that a patient should be able to gain access to their health information as easily as they can access their credit score. Companies that develop software solutions that interact with electronic protected health information are required to be compliant with the Health Insurance Portability and Accountability Act (HIPAA). HIPAA demands safeguards be implemented to ensure the confidentiality, integrity, and availability of health information and contains numerous provisions related to the privacy and security of health data....

Read More
Online Computers HIPAA Compliance Program Successfully Completed
Feb02

Online Computers HIPAA Compliance Program Successfully Completed

The Whippany, NJ-based specialist IT firm Online Computers LLC provides state-of-the-art IT support, services, and products to companies to help them get the most out of their technology investments. The company has more than 50 staff and supports more than 135 businesses and NPOs and provides the technology to support more than 10,000 end users. The company is now expanding into the healthcare sector and already provides services to a range of healthcare organizations. Before the company could provide a full range of IT services to the healthcare sector, it was first necessary to enter into business associate agreements with HIPAA-covered entities. Providing IT services means coming into contact with protected health information (PHI). As such, healthcare organizations would require the firm to comply with Health Insurance Portability and Accountability Act Rules. The process of becoming HIPAA compliant can be complicated for SMBs. Further, if mistakes are made, the consequences can be severe. State and federal regulators can issue significant fines for noncompliance. In order to...

Read More
Houston MSP FelinePC Confirmed HIPAA Compliant
Jan25

Houston MSP FelinePC Confirmed HIPAA Compliant

Compliancy Group has awarded FelinePC the HIPAA Seal of Compliance after the successful completion of its compliance program. FelinePC is a managed service provider based in Houston, TX, which provides managed IT and IT support services to clients in the healthcare industry. Since those services require FelinePC to access systems that contain electronic protected health information, FelinePC is classed as a HIPAA business associate. As such, the company is subject to strict regulations and must ensure it keeps protected health information secured and meets its obligations under the HIPAA Privacy and Security Rules. Since the passing of the HIPAA Omnibus Rule in 2013, business associates of HIPAA-covered entities have a legal requirement, rather than a contractual requirement, to comply with HIPAA Rules. Business associates can be fined directly for HIPAA violations and the enforcement of compliance has increased significantly in recent years. Compliance is something that must be taken seriously. Navigating the complexities of HIPAA can be a major challenge for managed service...

Read More
Carolina Innovative Research HIPAA Compliance Commitment Pays Off
Dec28

Carolina Innovative Research HIPAA Compliance Commitment Pays Off

Carolina Innovative Research has been re-affirmed as HIPAA compliant by the Compliancy Group after successfully completing its compliance program using The Guard, Compliancy Group’s proprietary compliance tracking solution. Columbia, SC-based Carolina Innovative Research (CI) is a leading provider of IT support services to businesses in South Carolina and beyond. The company offers specialist IT services to the healthcare and law industries and helps its customers mitigate cybersecurity and compliance issues through its business continuity, disaster recovery, and managed IT services. In order to provide a full range of managed services to healthcare providers, CI had to implement a range of safeguards to ensure sensitive information was always secured and HIPAA requirements for business associates were satisfied. Any company starting out on a compliance journey will soon discover that complying with HIPAA involves much more than conducting a risk assessment, plugging security gaps, and signing a business associate agreement. “It really requires an organizational commitment,...

Read More
HIPAA Quiz Launched by Compliancy Group
Sep26

HIPAA Quiz Launched by Compliancy Group

A new HIPAA Quiz has been launched by the Compliancy Group, which serves as a quick and easy free tool to assess the current state of HIPAA compliance in an organization.   Healthcare organizations that have implemented policies and procedures to comply with the Health Insurance Portability and Accountability Act (HIPAA) Rules may think that they are fully compliant with all provisions of the HIPAA Privacy, Security, and Breach Notification Rules. However, HHS’ Office for Civil Rights (OCR) compliance audits and investigations into data breaches and complaints often reveal certain requirements of HIPAA have been missed or misinterpreted. OCR investigates all breaches of more than 500 records and so far in 2018, six financial penalties have been issued to HIPAA covered entities to resolve HIPAA violations. The average settlement/civil monetary penalty in 2018 is $1,491,166. State attorneys general also investigate data breaches and complaints and can also issue fines for noncompliance with HIPAA Rules. There have been five fines issued by state attorneys general in 2018 to resolve...

Read More
The Compliancy Group Helps Imperial Valley Family Care Medical Group Pass HIPAA Audit
Sep20

The Compliancy Group Helps Imperial Valley Family Care Medical Group Pass HIPAA Audit

The Department of Health and Human Services’ Office for Civil Rights commenced the second round of HIPAA compliance audits late last year. The audit program consists of desk-based audits of HIPAA-covered entities and business associates, followed by a round of in-depth audits involving site visits. The desk audits have been completed, with the site audits put on hold and expected to commence in early 2018. Only a small number of covered entities have been selected to be audited as part of the second phase of compliance audits; however, covered entities that have escaped an audit may still be required to demonstrate they are in compliance with HIPAA Rules. In addition to the audit program, any HIPAA-covered entities that experiences a breach of more than 500 records will be investigated by OCR to determine whether the breach was the result of violations of HIPAA Rules. OCR also investigates complaints submitted through the HHS website. The first round of HIPAA compliance audits in 2011/2012 did not result in any financial penalties being issued, but that may not be the case for the...

Read More