PCIHIPAA Introduces New System to Help Healthcare Practitioners Stay Compliant With Evolving HIPAA Requirements
Los Angeles, CA, October 1, 2015 (Newswire.com) - PCIHIPAA introduced a new risk assessment tool this week to support the mandatory HIPAA compliance of health care practices. HIPAA Section Code 164.308(a)(1)(ii)(A) now mandates health care providers complete a risk assessment to reveal key vulnerabilities and help prevent data breaches. Confusion over HIPAA requirements and aggressive targeting of medical practices by cyber criminals have increased incidences of data breaches and threats to cyber security and heightened the concern surrounding the safety of PHI (Protected Health Information).
PCIHIPAA’s new upgraded risk assessment tool provides medical and dental practices with the information they need to evaluate their risk and avoid a data breach. The assessment considers the administrative, physical and technical safeguards required under the HIPAA Security Rule. All applicants receive a 22-page report noting their key vulnerabilities and a risk score that provides an overall assessment of their level of risk.
"Our mission is to help medical and dental practices easily and affordably navigate HIPAA requirements and provide the solutions they need to protect their patient information. The right first step is to take a Risk Assessment. It's mandatory under the HIPAA Security Rule, and PCIHIPAA now makes it easier than ever to get started."
Jeff Broudy, CEO, PCIHIPAA
“Our mission is to help medical and dental practices easily and affordably navigate HIPAA requirements and provide the solutions they need to protect their patient information,” said Jeff Broudy CEO of PCIHIPAA. “The right first step is to take a Risk Assessment. It’s mandatory under the HIPAA Security Rule, and PCIHIPAA now makes it easier than ever to get started.”
According to the U.S. Department of Health and Human Services, OCR has received over 118,939 HIPAA complaints following the issuance of the Privacy Rule in April 2003, initiated over 1,224 compliance reviews and resolved 94% of these cases. A rising number of claims filed under HIPAA in recent years have led many patients to question whether or not their personal payment and health information is safe. As the government has become more aggressive in HIPAA enforcement, large settlements have become widespread and rising penalties for HIPAA non-compliance are a reality. According to HHS.gov, the types of HIPAA violations investigated most often are:
1) Impermissible uses and disclosures of PHI
2) Lack of safeguards of PHI
3) Lack of patient access to their PHI
4) Lack of administrative safeguards of electronic PHI
5) Use or disclosure of more than the minimum necessary PHI
As cyber security threats remain a paramount concern among many Americans, HIPAA compliance enforcement will likely increase. In fact, The Department of Health and Human Services' Office for Civil Rights is getting closer to resuming the random HIPAA compliance audit program and is planning a number of compliance-related initiatives for the fall, OCR Director Jocelyn Samuels said in a recent presentation on September 2.
“Our new online risk assessment is free to all practices that opt – in. And we also provide a 22-page risk analysis that details the requirements as defined by The Department of Health and Human Services. Why free? Because we believe it’s important every practice take a risk assessment, and we invest in our clients' success,” added Broudy. “Those who choose to continue to do nothing in this data breach environment are needlessly putting their practices at risk.”
About PCIHIPAA
PCIHIPAA is an industry leader in medical and dental compliance by providing turnkey, customizable solutions for its clients. PCIHIPAA minimizes the complexities of navigating financial and legal compliance to ensure that medical and dental practices are compliant, trained and prepared. Learn more at PCIHIPAA.com.
Share:
Tags: cyber security, data breach, dental practices, health care, hipaa requirements, hipaa security rule, patient health information, PCI, pcihipaa, penalties, risk assessment, violations