HIPAA / HITECH

 

Rule Changes

 

Recent changes to HIPAA security & privacy rule enforcement and the the addition of the breach notification rules (under HITECH) have lead to more than just health care companies being impacted. Any company providing services to “covered entities” (health care organizations) will be required to sign Business Associate Agreements. These agreements generally require the service provider (your company) to agree that you are compliant with the HIPAA Security Rule as well as other provisions. Are you comfortable signing Business Associate Agreements? Regardless, if you have customers that are health care providers, you may be liable and subject to unwanted federal audits and penalties up to $1.5 million.

 

Leverage Existing Controls


Compliance with the HIPAA Security Rule is straightforward if you have other controls in place, such as those required to have a favorable SOC 2 Type II report issued. HIPAA requires that you have implemented “administrative, technical, and physical” controls. Administrative controls are covered by your policies, procedures, and risk analysis process. Technical and physical controls are dictated by your policies.

 

Liability


If you have any customers or partners that are health care providers, or have been asked to sign business associate agreements, don’t hold that extra liability. HIPAA compliance can often be achieved fairly quickly with minimal effort.

 

Have Questions About HIPAA?

LET US HELP YOU FIND OUT WHAT COMPLIANCE FRAMEWORK IS BEST FOR YOUR BUSINESS.

 

About company

Our unique readiness approach combining software and expert-driven assistance will ensure you’re preparing in the most practical and quickest way possible.

 

Services

 

Services

 

Get Started with SOC 2 Compliance

 

DOWNLOAD SOC 2 BUNDLE