How Can We Help With HIPAA Compliance?
The HIPAA Privacy, Security, and Breach Notification Rules require a number of policies and procedures to be established, and actions to be taken for compliance.
The HIPAA Privacy Rule has undergone significant changes with new patient rights and new restrictions on uses and disclosures of PHI going into effect. Lewis Creek Systems can help with your HIPAA Privacy Rule Compliance:
- Review your HIPAA Privacy policies to ensure they include the required topics and reflect the new regulations, and
- Provide the training necessary to get your staff up to speed on your HIPAA policies, new and old.
The HIPAA Security Rule is being enforced more fully and you need to be sure you have the risk analysis, policies, and procedures necessary to protect PHI. We can help with compliance with the HIPAA Security Rule:
- Perform a HIPAA Security Risk Analysis to identify the areas you need to focus on for reducing your security risks,
- Review your HIPAA Security policies to make sure they meet the extensive requirements of the rules, and provide new policy language where needed,
- Provide the training you need to make sure policies are actually implemented and followed,
- Provide technical security specialists to review the technical security of systems and networks and recommend and implement improvements, and
- Establish the documentation necessary to show compliance, and documentation systems needed to stay in compliance.
The HIPAA Breach Notification Rule requires that you have an incident handling process that will help you determine whether an incident is a breach or not, and what to do if it is. Lewis Creek Systems can:
- Review your policies and procedures to ensure you have what you need in the event of a potential breach, and
- Provide the policies and processes to help prevent breaches, prepare for the eventuality of breaches, and provide a guide for what to do when a breach actually occurs.
Business Associates also have obligations under the HIPAA regulations. Lewis Creek Systems can help you:
- Evaluate the compliance of your Business Associates, and
- Provide letters of Compliance Review to document BA Reviews.
New audit and enforcement activities raise the bar for compliance with HIPAA. We can help you:
- Work through the compliance questions asked of other entities in prior audits,
- Understand the most common risks and how they can be minimized, and
- Avoid the problems the enforcers from the US Department of Health and Human Services find most often, and the fines they’ll be happy to levy for non-compliance.
These Compliance Services utilize the following types of activities:
• Policy Reviews and Development
• Information Flow Analyses
• Risk Analyses
• Risk Assessments
• Compliance Assessments
In addition, we provide services to supplement and complete your compliance efforts, including:
• Integrated Information Security Management Process Services
• Wiki-based Documentation Services
• Seminars and Training Services
• On-site Presentations
And finally, in the event of legal action and a need for an expert to say what is normally done for compliance in the context of various circumstances, we are available to provide Expert Witness services, such as analysis and guidance, expert witness reports, and depositions. Please see the Expert Witness Services page or contact us directly to set up a time to discuss your needs.
If you're facing an information privacy or security compliance issue, we can help – please contact us today for more information or a free preliminary quotation for services. We can provide the experience and leadership you need at a very reasonable cost.
For the latest information to assist with your compliance efforts, please see our Resources and Latest Compliance News pages. Please also see the list of Upcoming Public Seminars, including conference presentations, seminars, and audio conferences.
And we're always happy to answer any questions we can – just e-mail or call and we'll do our best for you.