to EMR transition Contents

Size: px
Start display at page:

Download "to EMR transition Contents"

Transcription

1 Best Practices Guide HIPAA Primer series HEALTHCARE Iron Mountain Document Conversion Services The HIPAA-compliant approach to EMR transition Contents 3 EMR Transition: The Growing Importance of Document Conversion 5 The Value of Choosing a Compliant Partner for Document Conversion 7 Iron Mountain Document Conversion Services: Part of a Total EMR Enablement Solution 11 End-to-End Compliance 15 Conclusion Healthcare institutions are moving rapidly to adopt Electronic Medical Records (EMR). Central to this effort is document conversion the scanning of new and existing records to digital format. However, document conversion involves much more than scanning. Indeed, it touches on all aspects of records management and HIPAA compliance, affecting paper and film management, digital storage and archiving, and the transport and transmission of patient information throughout a healthcare facility. Iron Mountain is the partner that can help you meet this challenge. Our Document Conversion Services are part of a total Iron Mountain EMR Enablement Solution designed to help you move smoothly and in full compliance to a digital world. Iron Mountain Document Conversion Services offer the compliant solution you need to simplify and accelerate your transition to the EMR IRON (4766) / ironmountain.com 1

2 Healthcare providers are faced with daunting information challenges: Meeting the new HIPAA regulations, achieving best practices, and moving forward with continuous improvement through the transition to the EMR and beyond. Meeting these challenges will require transformational approaches, especially in terms of document conversion.

3 EMR Transition The Growing Importance of Document Conversion Healthcare organizations are moving rapidly to digitize new and existing patient records and films to reduce costs, improve efficiency, enhance patient care and meet the government s goals of adopting Electronic Medical Records. While the EMR promises great benefits such as quickly and effectively providing access to the right records throughout the treatment cycle and across a health system it also poses great challenges, especially in the area of compliance. As hospitals transition from a paper to digital environment, records are often maintained in a hybrid state with complex workflows. Information is stored in both digital and physical formats, as well as multiple storage facilities, forcing providers to search across various silos of information to find a single, complete patient record. In order to overcome this information management challenge, paper records and film should be scanned, converted to digital, and managed throughout the process in a manner that is secure, compliant and cost-effective. In short, HIPAA compliance plays a critical role in document conversion and the transition to electronic records. What the law requires The HIPAA Privacy Rule requires establishing and implementing measures to ensure the confidentiality, integrity and availability of all Protected Health Information (PHI), while the Security Rule addresses safeguards specific to security of electronic data or ephi. Who Must Comply. Health plans, healthcare clearinghouses, healthcare providers (also known as Covered Entities ), and business associates to whom they provide health information. What It Covers. PHI includes any information about health condition, treatment or payment for care that can be related to an individual. The term is a broad one and generally includes all information contained in a patient s medical record and payment history. What the Penalties Are. The government has ramped up enforcement and penalties related to the protection of patient information. Penalties can reach a maximum of $1.5 million annually per type of violation. On the enforcement side, state attorneys general, in addition to the Department of Health and Human Services (HHS), have been given authority to prosecute HIPAA violations. In the future, we can expect the following: 1. Any civil monetary penalties recovered by HHS will be used for their future enforcement efforts. 2. Individuals harmed by a violation may receive a percentage of the penalties, thus encouraging both patients and authorities to report violations. 3

4 Not only is it important that your institution be compliant, but HIPAA now requires your third-party partner be compliant as well. Choosing a partner that understands the broader issues will enable you to maintain HIPAA compliance and keep pace with emerging government initiatives.

5 Choosing a compliant partner for Document Conversion Document conversion, by itself, is a straightforward process. Documents are scanned in a digital format and transmitted directly into your EMR system. But, the conversion process raises many complex issues related to compliance and the transition to the EMR. For example: How will you manage the redundancies and inconsistencies common in paper-based legacy systems? How will you design, implement and control the complex workflows of a hybrid environment? How will you store electronic records in a way that makes them accessible, compliant and affordable? Document conversion is at the nexus of HIPAA compliance, where paper and electronic records converge. Thus, hospitals must choose a document conversion partner that understands the broader issues. Such a partner will not only help you convert documents cost-effectively, but will also enable you to efficiently move to the EMR while maintaining HIPAA compliance and keeping pace with emerging government initiatives like the American Recovery and Reinvestment Act (ARRA). Document conversion, along with the move to the EMR, is a daunting challenge, but with the right partner you will be able to reap long-term benefits for your organization and your patients. Will you be able to maintain retention and destruction schedules that meet regulations and your own requirements so you store only the records you need to store, whether paper or digital? 5

6 As a core component of the Iron Mountain EMR Enablement Solution, our Document Conversion Services digitize paper records and film in a manner that is secure, compliant and cost-effective, to help you accelerate your transition and begin realizing the full benefits of your system.

7 Iron Mountain Document Conversion Services Part of a total EMR enablement solution At Iron Mountain we understand the challenges and opportunities inherent in the EMR transition process. That s why the Iron Mountain EMR Enablement Solution provides a holistic approach to transition. We leverage a combination of specialized imaging programs, data backup and archiving services and secure records storage to build a customized solution that helps you efficiently manage information in the hybrid environment and accelerate your migration to the EMR. At the core of this solution are our Document Conversion Services, which integrate seamlessly with your existing systems and processes to help you cost-effectively convert your paper records and films to electronic format. Our Document Conversion Services provide: Capabilities that align with relevant HIPAA guidelines. A large footprint of secure local and regional Record Centers. The experience and best practices gained from scanning over 10 million pages per month at our more than 110 Imaging Centers. Highly trained personnel. High-speed scanners and industry-leading software for fast conversion and high-quality images. Direct integration with major EMR systems or delivery via a secure FTP site. Secure, offsite archiving and backup for storing electronic patient data. A documented chain of custody that ensures patient records are protected throughout the entire process. Stay in control with Iron Mountain Connect As a service to our customers, we provide Iron Mountain Connect. This highly secure Web-based system offers you access to the tools and applications you need to easily and cost-effectively manage your document conversion and other records activities. With Iron Mountain Connect, you can: Quickly locate physical records in the hybrid environment. Easily schedule documents for conversion. Consistently manage the retention and destruction of physical records. Assign employee authorization levels and monitor access. 7

8 Paper Document Scanning We work with you to build a compliant, cost-effective digital workflow, allowing you to select any combination of our imaging options to meet your operational and regulatory needs. Day-Forward Conversion. Even after you establish an EMR solution, certain records will continue to be created on paper. You will need a compliant solution for converting these documents to electronic format as soon as possible and integrating them into the record. Day-Forward Conversion helps you build a workflow that seamlessly puts your organization s newest records into an electronic format. Our experts work closely with your staff to define a plan for automatically digitizing records not created electronically from a designated date onward helping you establish a convenient, cost-effective way to streamline processes and minimize future storage requirements and costs. Image on Demand. The Iron Mountain Image on Demand service gives you the flexibility to digitize only what you need, when you need it, and deliver it in a timely manner. Image on Demand enables you to selectively convert only the portions of the patient record required for clinical care, encrypted for secure transmission to the EMR system and avoiding the costs typically associated with a large-scale conversion initiative. Backfile Conversion. Iron Mountain can help you establish a fast, efficient process for the bulk conversion of paper records to electronic format. Our Backfile Conversion process employs a project-based approach focusing on converting a specific subset of your existing records such as those generated within the last year only enabling you to rapidly populate your EMR system, while keeping costs under control. Film Digitization To help our healthcare partners move to a fully digital environment, Iron Mountain also provides full scanning and digitization services for our radiology customers. X-ray on Demand. Iron Mountain X-ray on Demand provides a scanning and digitization service for radiology customers storing analog films with Iron Mountain. When an x-ray study is requested, we retrieve, digitize and then convert the film to a standard format. It is then indexed, encrypted for security, and sent to your PACS or a quality control station. X-ray on Demand lowers total cost of ownership and enables a healthcare provider to proactively plan for managing historical radiology records as an integral part of the conversion to a fully filmless radiology environment. Whatever Iron Mountain Document Conversion Service you choose, you can feel confident your information will remain highly protected yet readily accessible throughout the conversion process. Our holistic approach not only helps you cost-effectively convert your documents but also offers you access to the data backup and archiving solutions necessary to ensure that, once created, your electronic data is fully protected and preserved. 8

9 The Bottom Line: Iron Mountain ensures our Document Conversion Services are compliant with HIPAA regulations, so you can be compliant too.

10 Iron Mountain Document Conversion Services End-to-end compliance Iron Mountain has established proven workflows for document conversion based on best practices, and we apply these workflows consistently throughout our operations. We operate Imaging Centers across the country, which are staffed by trained personnel and equipped with the latest technologies, security systems, and careful monitoring of every action and process. The bottom line is, we make sure our Document Conversion Services are compliant with HIPAA regulations, so you can be compliant too. Key Requirements of the HIPAA Privacy and Security Rules The HIPAA Privacy Rule is intended to ensure that Protected Health Information is not used or disclosed inappropriately or without the patient s permission. The Security Rule is specifically designed to protect PHI that is used and stored electronically. Both aspects of the rule apply to document conversion. HIPAA rules cover three broad areas of activities: Administrative Safeguards. Operational processes and procedures, such as training, workflow, and the release of information, to ensure information is always handled according to policy. This section of HIPAA also requires a contingency plan, also known as a disaster recovery plan. Physical Safeguards. Physical controls, such as locks, access to keys and supervision, to protect against unauthorized physical access. Technical Safeguards. Data-related information systems and associated controls, such as database security, network protection and user authorizations and passwords, to protect data from software intrusions and attacks. 10

11 Administrative Safeguards HIPAA requires that PHI and ephi be protected and secured throughout all stages of document conversion. This means documented procedures for operational processes such as training, workflow and contingency planning must be put in place to ensure that information is always handled according to policy. Iron Mountain meets this requirement, and helps you meet it, in several ways. Access and Uses. Iron Mountain uses and discloses PHI only for the purpose of delivering our services in response to requests from our customers, as required under HIPAA. To make sure this happens, we: Physically restrict access to customer PHI during transit, conversion and storage of both the original paper documents and the converted electronic records. Electronically track and maintain an auditable log of all tasks and operations performed. Provide you with tools to manage how your employees access digital records through Iron Mountain Connect. Privacy Policies and Procedures. Iron Mountain has established standard operating procedures for our imaging and records conversion processes, and these procedures are uniformly applied at each of our Imaging Centers. Our staff is trained on our document imaging procedures, and adherence is verified through regular site inspections. Workforce Training and Management. HIPAA requires training of workers who handle PHI. Iron Mountain s training program for document conversion is thorough and compliant. Since document conversion invariably involves the handling of patient information, our Imaging Center staff receives training and instruction on HIPAA regulations. In addition, our workforce management procedures include: Comprehensive background checks for new hires. Comprehensive training specifically addressing HIPAA requirements. Code of Conduct and Ethics Training. Document Conversion Compliance Checklist HIPAA regulations now require your business associates, as well as your own institution, to be compliant. Iron Mountain maintains the following policies and procedures to promote compliance. Administrative Fully documented chain of custody Policy of accessing and retrieving only the minimum information needed to perform a specific job or task Written protocols and training for handling Protected Health Information Documenting and monitoring workflows Web software to help you manage and track recordsrelated activities Audit trail and documentation of physical and electronic disposal policies and procedures Screening of employees using comprehensive background checks Mitigation. In order to achieve and maintain compliance, you must evaluate the security and compliance of your document conversion program on a regular basis. Iron Mountain has a team dedicated to monitoring HIPAA requirements and evaluating our compliance. This team proactively tracks changes to industry regulations and works with Iron Mountain operations personnel on an ongoing basis to improve processes, mitigate risks, and ensure continued compliance. Data Safeguards. Processes should be in place to safeguard data at all stages of document conversion. Iron Mountain maintains data safeguards for records in our care across all operations and for all personnel. Safeguards include: Restricted access to customer PHI throughout transit, scanning, storage and disposal. Monitoring and tracking of all activities. Highly secure, best-in-class facilities protected by state-of-the-art security systems. 11

12 Documentation and Record Retention. HIPAA requires documentation that records are protected throughout their lifetime, up to and including their destruction. Iron Mountain helps you maintain compliance by using Iron Mountain Connect, which allows you to capture and manage the retention status of your documents. Once documents have been scanned, original files may be stored securely at Iron Mountain facilities or destroyed using compliant destruction processes, which include multiple sign-offs, audited chain of custody and a Certificate of Destruction. Contingency Plan. Iron Mountain s contingency planning for Document Conversion Services includes multiple layers. A minimum of two business document scanners are installed in each Imaging Center, providing in-center redundancy and backup capability. In addition, our scanners are under regular maintenance contracts to help minimize unscheduled downtime. Furthermore, all of our Imaging Centers utilize highly redundant, centralized back-end processors. This offers you a high degree of reliability and protection as it enables each Imaging Center to provide recovery for the other centers in the event of a disaster. Our Disaster Recovery services offer: Centralized management that allows application software and supporting documentation to be distributed to any site in minutes. Standard operating procedures for consistent operations regardless of physical location. Centralized processors that use redundant, fault-tolerant equipment. Centralized back-end processors located in an Iron Mountain Data Center that is 220 feet underground in a geographically stable location; the backup site is in a similar secure underground location over 500 miles away. Audit Trail. Iron Mountain maintains and helps you maintain an auditable trail of all activities related to document conversion. You always know where your documents are, whether paper or electronic, and you can produce a variety of reports to meet both HIPAA requirements and your own administrative policies. Among the ways we help you meet the auditing requirement: Secure Web-based portal providing the ability to track, manage and report on document conversion and all other aspects of records management. All records requests are logged and recorded in Iron Mountain SafeKeeper PLUS. Document Conversion Compliance Checklist Physical Centralized location or vendor for storage of physical records and conversion services Physical access controls, such as locked facilities and visual monitoring Intrusion detection and alarm systems Environmental controls, fire detection and suppression systems Secure destruction of electronic records in accordance with retention policies Technical Firewall and virus protection Secure password protection Role-based access rules, so users can access only the software and data to which they have been granted access Unique user IDs to identify and track users Monitoring of Iron Mountain employees who log on and gain access to data Automated backup of all records at separate locations Direct integration with major EMR systems or delivery via a secure FTP site Tracking and logging by Iron Mountain of all tasks and operators. Consistent workflows that guide all activities related to scanning and other records activities. 12

13 Physical Requirements HIPAA requires you and your partners to have controls such as locks, restricted access to keys, and supervision to ensure computer systems and patient information are protected from unauthorized physical access. At Iron Mountain, we ve developed what we believe are the highest standards for facility security in the industry. Our facility standards include: Placement of facilities outside of high risk areas, with comprehensive risk assessment processes for all facilities. Careful incorporation of physical access controls. Advanced fire-suppression controls with both ceiling and in-rack sprinkler systems. Intrusion detection systems, monitored by a central station. Strictly enforced process controls for the admittance and monitoring of personnel entering and exiting facilities. Mandatory facility audits to enforce accountability and monitor compliance with standards. Geographically separated, world-class underground data centers. Technical Requirements HIPAA requires safeguards for data-related information systems and associated controls, such as database security, network protection and user authorizations and passwords, which protect ephi and control access to it. Iron Mountain employs advanced technical security measures for our role in the storage and transmission of information. We will also work closely with your IT staff to help you implement compliant best practices within your own organization. Our technical safeguards include: Firewall and virus protection. Secure password protection. Role-based access rules, so users can access only the software and data to which they have been granted access. Unique user IDs to identify and track user identity. Monitoring of Iron Mountain employees who log on and gain access to data. Direct integration with major EMR systems or delivery via a secure FTP site. In addition, our Document Conversion Services offer additional safeguards to protect information integrity, such as: Centralized scanning for uniform quality across Imaging Centers. Automated contrast, brightness and threshold adjustments to optimize image quality. Multi-feed detection to prevent page overlaps and missed images. VirtualReScan software, a software option that offers automated color detection and capture, content-based image rotation, image deskewing, image despeckling, image cropping, blank page removal, background suppression, and hole punch fill-in. 13

14 Beyond Compliance Iron Mountain goes beyond compliance. We employ best practices developed through our years of experience working with leading healthcare institutions around the country. This best-practice approach ensures all reasonable measures are taken to protect patient information, to remain in good standing with the law, and to promote a positive image in the community.

15 CONCLUSION The transition to EMR is accelerating, and so is the importance of document conversion. As part of the Iron Mountain EMR Enablement Solution, our Document Conversion Services offer more than just a comprehensive approach to conversion we offer the confidence and peace of mind that our solution is time-tested and compliant. Our Imaging Centers are built on years of bestpractice experience at the country s leading hospitals. We have a staff trained to the highest standards and state-of-the-art equipment. With Iron Mountain, you get the conversion services necessary to accelerate your EMR transition, while ensuring your information remains securely protected yet readily accessible throughout the process. To learn more about our HIPAA-compliant Document Conversion Services for healthcare, contact us today at IRON (4766). 15

16 THE HIPAA PRIMER HIPAA Primer series Our HIPAA Primer Series offers you in-depth insights into the proven best practice policies and procedures Iron Mountain employs to ensure that our solutions not only meet but exceed HIPAA requirements. To learn more about how a specific solution can help you ensure your information remains highly secure yet readily accessible throughout its lifecycle, check out our other best practice guides from this series, including: IRON MOUNTAIN Cloud Storage SOLUTIONS HIPAA-Compliant Solutions for Health Information Challenges Iron Mountain data protection services Proven, Trusted and HIPAA-Compliant Media Management iron mountain document conversion Services The HIPAA-Compliant Approach to EMR Transition Iron Mountain records management services HIPAA-Compliant Solutions That Keep You Compliant Iron Mountain release of information services Coming Soon About Iron Mountain. Iron Mountain Incorporated (NYSE: IRM) provides information management services that help organizations lower the costs, risks and inefficiencies of managing their physical and digital data. Founded in 1951, Iron Mountain manages billions of information assets, including backup and archival data, electronic records, document imaging, business records, secure shredding, and more, for organizations around the world. Visit the company Web site at for more information Iron Mountain Incorporated. All rights reserved. Iron Mountain, the design of the mountain, LiveVault, Digital Record Center, SafeKeeper PLUS, Iron Mountain Connect and Image on Demand are trademarks or registered trademarks of Iron Mountain Incorporated in the U.S. and other countries. All other trademarks are the property of their respective owners. US-HIS-EXT-WP IRON (4766) / ironmountain.com 16

Contents. Best Practices Guide. 3 Physical Records: The Ongoing Compliance Challenge

Contents. Best Practices Guide. 3 Physical Records: The Ongoing Compliance Challenge Best Practices Guide HIPAA Primer series HEALTHCARE Iron Mountain Records Management Services HIPAA-Compliant Solutions that keep you compliant Contents 3 Physical Records: The Ongoing Compliance Challenge

More information

and the Omnibus Final Rule

and the Omnibus Final Rule Best Practices Guide The HIPAA Primer Healthcare What You Should Know About HIPAA and the Omnibus Final Rule Contents 3 What s New With HIPAA? 8 Five Questions To Ask Your Vendors 12 Best Practices: Beyond

More information

Data Protection. Secure Media Management. Offsite Tape Vaulting Drives Efficiencies, Enhances Control and Improves Audit Readiness

Data Protection. Secure Media Management. Offsite Tape Vaulting Drives Efficiencies, Enhances Control and Improves Audit Readiness Data Protection Secure Media Management Offsite Tape Vaulting Drives Efficiencies, Enhances Control and Improves Audit Readiness Data Protection Safeguarding your organization s information with: Media

More information

Speed the transition to an electronic environment. Comprehensive, Integrated Management of Physical and Electronic Documents

Speed the transition to an electronic environment. Comprehensive, Integrated Management of Physical and Electronic Documents DOCUMENT MANAGEMENT SOLUTIONS Speed the transition to an electronic environment Comprehensive, Integrated Management of Physical and Electronic Documents Store, protect and control your essential business

More information

secure shredding Services Secure, Compliant, Cost-Effective, Environmentally Responsible Information Destruction Secure Shredding

secure shredding Services Secure, Compliant, Cost-Effective, Environmentally Responsible Information Destruction Secure Shredding secure shredding Secure Shredding Services Secure, Compliant, Cost-Effective, Environmentally Responsible Information Destruction Does This Sound Familiar? I want to protect my company s reputation and

More information

RECORDS MANAGEMENT RECORDS MANAGEMENT SERVICES. Cost-Effective, Legally Defensible Records Management

RECORDS MANAGEMENT RECORDS MANAGEMENT SERVICES. Cost-Effective, Legally Defensible Records Management RECORDS MANAGEMENT RECORDS MANAGEMENT SERVICES Cost-Effective, Legally Defensible Records Management Does This Sound Familiar? A data breach could send our share price tumbling. I need to minimise our

More information

WHITE PAPER. HIPAA-Compliant Data Backup and Disaster Recovery

WHITE PAPER. HIPAA-Compliant Data Backup and Disaster Recovery WHITE PAPER HIPAA-Compliant Data Backup and Disaster Recovery DOCUMENT INFORMATION HIPAA-Compliant Data Backup and Disaster Recovery PRINTED March 2011 COPYRIGHT Copyright 2011 VaultLogix, LLC. All Rights

More information

Contents. Document Conversion Services

Contents. Document Conversion Services tech brief Document Conversion Services Document Management Solutions Integrated, Secure Document Imaging Program Contents 2 Intelligent Conversion 2 Flexible Input-Output Options 2 Hardware 3 Software

More information

Bridging the HIPAA/HITECH Compliance Gap

Bridging the HIPAA/HITECH Compliance Gap CyberSheath Healthcare Compliance Paper www.cybersheath.com -65 Bridging the HIPAA/HITECH Compliance Gap Security insights that help covered entities and business associates achieve compliance According

More information

Heather L. Hughes, J.D. HIPAA Privacy Officer U.S. Legal Support, Inc. hhughes@uslegalsupport.com www.uslegalsupport.com

Heather L. Hughes, J.D. HIPAA Privacy Officer U.S. Legal Support, Inc. hhughes@uslegalsupport.com www.uslegalsupport.com Heather L. Hughes, J.D. HIPAA Privacy Officer U.S. Legal Support, Inc. hhughes@uslegalsupport.com www.uslegalsupport.com HIPAA Privacy Rule Sets standards for confidentiality and privacy of individually

More information

HIPAA: Understanding The Omnibus Rule and Keeping Your Business Compliant

HIPAA: Understanding The Omnibus Rule and Keeping Your Business Compliant 1 HIPAA: Understanding The Omnibus Rule and Keeping Your Business Compliant Introduction U.S. healthcare laws intended to protect patient information (Protected Health Information or PHI) and the myriad

More information

HIPAA COMPLIANCE AND DATA PROTECTION. sales@eaglenetworks.it +39 030 201.08.25 Page 1

HIPAA COMPLIANCE AND DATA PROTECTION. sales@eaglenetworks.it +39 030 201.08.25 Page 1 HIPAA COMPLIANCE AND DATA PROTECTION sales@eaglenetworks.it +39 030 201.08.25 Page 1 CONTENTS Introduction..... 3 The HIPAA Security Rule... 4 The HIPAA Omnibus Rule... 6 HIPAA Compliance and EagleHeaps

More information

Gain Efficiency, Cost Savings and Compliance with Iron Mountain s Portfolio of Services

Gain Efficiency, Cost Savings and Compliance with Iron Mountain s Portfolio of Services ONE SOLUTION Maximize the Business Value of Your Information Gain Efficiency, Cost Savings and Compliance with Iron Mountain s Portfolio of Services In today s world, information whether in paper or digital

More information

HIPAA Compliance Guide

HIPAA Compliance Guide HIPAA Compliance Guide Important Terms Covered Entities (CAs) The HIPAA Privacy Rule refers to three specific groups as covered entities, including health plans, healthcare clearinghouses, and health care

More information

healthcare Iron Mountain

healthcare Iron Mountain healthcare Iron Mountain EMR Scanning Survey Report Introduction One year after the Centers for Medicare & Medicaid Services (CMS) set criteria for electronic health records, 70% of hospitals expect to

More information

Ensuring HIPAA Compliance with Pros 4 Technology Online Backup and Archiving Services

Ensuring HIPAA Compliance with Pros 4 Technology Online Backup and Archiving Services Ensuring HIPAA Compliance with Pros 4 Technology Online Backup and Archiving Services Introduction Patient privacy has become a major topic of concern over the past several years. With the majority of

More information

8 REASONS TO OUTSOURCE RECORDS MANAGEMENT

8 REASONS TO OUTSOURCE RECORDS MANAGEMENT Contents: Untapped Opportunity 8 REASONS TO OUTSOURCE RECORDS MANAGEMENT Before you decide to manage your own records, take a minute to think inside the box. In this report, you will learn some of the

More information

HIPAA Security. 2 Security Standards: Administrative Safeguards. Security Topics

HIPAA Security. 2 Security Standards: Administrative Safeguards. Security Topics HIPAA Security SERIES Security Topics 1. Security 101 for Covered Entities 5. 2. Security Standards - Organizational, Security Policies Standards & Procedures, - Administrative and Documentation Safeguards

More information

White Paper Achieving HIPAA Compliance through Security Information Management. White Paper / HIPAA

White Paper Achieving HIPAA Compliance through Security Information Management. White Paper / HIPAA White Paper Achieving HIPAA Compliance through Security Information Management White Paper / HIPAA Contents Executive Summary... 1 Introduction: Brief Overview of HIPAA... 1 The HIPAA Challenge: Protecting

More information

Ensuring HIPAA Compliance with eztechdirect Online Backup and Archiving Services

Ensuring HIPAA Compliance with eztechdirect Online Backup and Archiving Services Ensuring HIPAA Compliance with eztechdirect Online Backup and Archiving Services Introduction Patient privacy continues to be a chief topic of concern as technology continues to evolve. Now that the majority

More information

Preemptive security solutions for healthcare

Preemptive security solutions for healthcare Helping to secure critical healthcare infrastructure from internal and external IT threats, ensuring business continuity and supporting compliance requirements. Preemptive security solutions for healthcare

More information

HIPAA COMPLIANCE AND

HIPAA COMPLIANCE AND INTRONIS CLOUD BACKUP & RECOVERY HIPAA COMPLIANCE AND DATA PROTECTION CONTENTS Introduction 3 The HIPAA Security Rule 4 The HIPAA Omnibus Rule 6 HIPAA Compliance and Intronis Cloud Backup and Recovery

More information

Ensuring HIPAA Compliance with AcclaimVault Online Backup and Archiving Services

Ensuring HIPAA Compliance with AcclaimVault Online Backup and Archiving Services Ensuring HIPAA Compliance with AcclaimVault Online Backup and Archiving Services 1 Contents 3 Introduction 5 The HIPAA Security Rule 7 HIPAA Compliance & AcclaimVault Backup 8 AcclaimVault Security and

More information

Software Escrow Service Workflow. Comprehensive and Trusted Software Escrow Services from Iron Mountain.

Software Escrow Service Workflow. Comprehensive and Trusted Software Escrow Services from Iron Mountain. escrow Software Escrow Service Workflow Comprehensive and Trusted Software Escrow Services from Iron Mountain. Get it right every time. Mission-critical technology is everywhere, and you depend on it every

More information

RECORDS MANAGEMENT SERVICES. Cost-Effective, Legally Defensible Records Management

RECORDS MANAGEMENT SERVICES. Cost-Effective, Legally Defensible Records Management RECORDS MANAGEMENT RECORDS MANAGEMENT SERVICES Cost-Effective, Legally Defensible Records Management Does This Sound Familiar? A data breach could send our stock price tumbling. I need to minimize our

More information

HIPAA Compliance and the Protection of Patient Health Information

HIPAA Compliance and the Protection of Patient Health Information HIPAA Compliance and the Protection of Patient Health Information WHITE PAPER By Swift Systems Inc. April 2015 Swift Systems Inc. 7340 Executive Way, Ste M Frederick MD 21704 1 Contents HIPAA Compliance

More information

Unified Security Anywhere HIPAA COMPLIANCE ACHIEVING HIPAA COMPLIANCE WITH MASERGY PROFESSIONAL SERVICES

Unified Security Anywhere HIPAA COMPLIANCE ACHIEVING HIPAA COMPLIANCE WITH MASERGY PROFESSIONAL SERVICES Unified Security Anywhere HIPAA COMPLIANCE ACHIEVING HIPAA COMPLIANCE WITH MASERGY PROFESSIONAL SERVICES HIPAA COMPLIANCE Achieving HIPAA Compliance with Security Professional Services The Health Insurance

More information

Preparing for the HIPAA Security Rule

Preparing for the HIPAA Security Rule A White Paper for Health Care Professionals Preparing for the HIPAA Security Rule Introduction The Health Insurance Portability and Accountability Act (HIPAA) comprises three sets of standards transactions

More information

The HIPAA Security Rule Primer A Guide For Mental Health Practitioners

The HIPAA Security Rule Primer A Guide For Mental Health Practitioners The HIPAA Security Rule Primer A Guide For Mental Health Practitioners Distributed by NASW Printer-friendly PDF 2006 APAPO 1 Contents Click on any title below to jump to that page. 1 What is HIPAA? 3 2

More information

Hosting for Healthcare: ADDRESSING THE UNIQUE ISSUES OF HEALTH IT & ACHIEVING END-TO-END COMPLIANCE

Hosting for Healthcare: ADDRESSING THE UNIQUE ISSUES OF HEALTH IT & ACHIEVING END-TO-END COMPLIANCE Hosting for Healthcare: ADDRESSING THE UNIQUE ISSUES OF HEALTH IT & ACHIEVING END-TO-END COMPLIANCE [ Hosting for Healthcare: Addressing the Unique Issues of Health IT & Achieving End-to-End Compliance

More information

HIPAA Security Rule Compliance

HIPAA Security Rule Compliance HIPAA Security Rule Compliance Caryn Reiker MAXIS360 HIPAA Security Rule Compliance what is it and why you should be concerned about it Table of Contents About HIPAA... 2 Who Must Comply... 2 The HIPAA

More information

HIPAA Compliance Guide

HIPAA Compliance Guide HIPAA Compliance Guide Important Terms Covered Entities (CAs) The HIPAA Privacy Rule refers to three specific groups as covered entities, including health plans, healthcare clearinghouses, and health care

More information

Datto Compliance 101 1

Datto Compliance 101 1 Datto Compliance 101 1 Overview Overview This document provides a general overview of the Health Insurance Portability and Accounting Act (HIPAA) compliance requirements for Managed Service Providers (MSPs)

More information

The HIPAA Security Rule Primer Compliance Date: April 20, 2005

The HIPAA Security Rule Primer Compliance Date: April 20, 2005 AMERICAN PSYCHOLOGICAL ASSOCIATION PRACTICE ORGANIZATION Practice Working for You The HIPAA Security Rule Primer Compliance Date: April 20, 2005 Printer-friendly PDF 1 Contents Click on any title below

More information

HIPAA Privacy & Security White Paper

HIPAA Privacy & Security White Paper HIPAA Privacy & Security White Paper Sabrina Patel, JD +1.718.683.6577 sabrina@captureproof.com Compliance TABLE OF CONTENTS Overview 2 Security Frameworks & Standards 3 Key Security & Privacy Elements

More information

HIPAA and Mental Health Privacy:

HIPAA and Mental Health Privacy: HIPAA and Mental Health Privacy: What Social Workers Need to Know Presenter: Sherri Morgan, JD, MSW Associate Counsel, NASW Legal Defense Fund and Office of Ethics & Professional Review 2010 National Association

More information

A Cloud Storage Solution. Digital Record Center for Medical Images

A Cloud Storage Solution. Digital Record Center for Medical Images healthcare A Cloud Storage Solution for Unstructured data Digital Record Center for Medical Images Digital Record center for medical images A Climate that Demands a New Storage ApproACh Today, healthcare

More information

The Impact of HIPAA and HITECH

The Impact of HIPAA and HITECH The Health Insurance Portability & Accountability Act (HIPAA), enacted 8/21/96, was created to protect the use, storage and transmission of patients healthcare information. This protects all forms of patients

More information

IBM Internet Security Systems. The IBM Internet Security Systems approach for Health Insurance Portability and Accountability Act compliance overview

IBM Internet Security Systems. The IBM Internet Security Systems approach for Health Insurance Portability and Accountability Act compliance overview IBM Internet Security Systems The IBM Internet Security Systems approach for Health Insurance Portability and Accountability Act compliance overview Health Insurance Portability and Accountability Act

More information

WHITE PAPER. HIPPA Compliance and Secure Online Data Backup and Disaster Recovery

WHITE PAPER. HIPPA Compliance and Secure Online Data Backup and Disaster Recovery WHITE PAPER HIPPA Compliance and Secure Online Data Backup and Disaster Recovery January 2006 HIPAA Compliance and the IT Portfolio Online Backup Service Introduction October 2004 In 1996, Congress passed

More information

Practices for Managing Information Protection & Storage

Practices for Managing Information Protection & Storage HIPAA Compliance and Best Practices for Managing Information Protection & Storage Wednesday, March 31, 2010 Sponsored by: Moderator Bernie Monegain Editor Healthcare IT News Guest Speakers Shawna Ridley,

More information

Infor CloudSuite. Defense-in-depth. Table of Contents. Technical Paper Plain talk about Infor CloudSuite security

Infor CloudSuite. Defense-in-depth. Table of Contents. Technical Paper Plain talk about Infor CloudSuite security Technical Paper Plain talk about security When it comes to Cloud deployment, security is top of mind for all concerned. The Infor CloudSuite team uses best-practice protocols and a thorough, continuous

More information

CREATIVE SOLUTIONS IN HEALTHCARE, INC. Privacy Policy

CREATIVE SOLUTIONS IN HEALTHCARE, INC. Privacy Policy CREATIVE SOLUTIONS IN HEALTHCARE, INC. Privacy Policy Amended as of February 12, 2010 on the authority of the HIPAA Privacy Officer for Creative Solutions in Healthcare, Inc. TABLE OF CONTENTS ARTICLE

More information

Understanding HIPAA Privacy and Security Helping Your Practice Select a HIPAA- Compliant IT Provider A White Paper by CMIT Solutions

Understanding HIPAA Privacy and Security Helping Your Practice Select a HIPAA- Compliant IT Provider A White Paper by CMIT Solutions Understanding HIPAA Privacy and Security Helping Your Practice Select a HIPAA- Compliant IT Provider A White Paper by CMIT Solutions Table of Contents Understanding HIPAA Privacy and Security... 1 What

More information

Ensuring HIPAA Compliance with Computer BYTES Online Backup and Archiving Services

Ensuring HIPAA Compliance with Computer BYTES Online Backup and Archiving Services Ensuring HIPAA Compliance with Computer BYTES Online Backup and Archiving Services Page 2 of 8 Introduction Patient privacy has become a major topic of concern over the past several years. With the majority

More information

HIPAA Security Matrix

HIPAA Security Matrix HIPAA Matrix Hardware : 164.308(a)(1) Management Process =Required, =Addressable Risk Analysis The Covered Entity (CE) can store its Risk Analysis document encrypted and offsite using EVault managed software

More information

Health Care Information Privacy The HIPAA Regulations What Has Changed and What You Need to Know

Health Care Information Privacy The HIPAA Regulations What Has Changed and What You Need to Know Health Care Information Privacy The HIPAA Regulations What Has Changed and What You Need to Know Note: Information provided to NCRA by Melodi Gates, Associate with Patton Boggs, LLC Privacy and data protection

More information

make your information work kfor you Place image here

make your information work kfor you Place image here 8 things that can help make your information Place image here work kfor you 2009 Iron Mountain Incorporated. All rights reserved. Iron Mountain and the design of the mountain are registered trademarks

More information

HIPAA Compliance: Are you prepared for the new regulatory changes?

HIPAA Compliance: Are you prepared for the new regulatory changes? HIPAA Compliance: Are you prepared for the new regulatory changes? Baker Tilly CARIS Innovation, Inc. April 30, 2013 Baker Tilly refers to Baker Tilly Virchow Krause, LLP, an independently owned and managed

More information

Healthcare Compliance Solutions

Healthcare Compliance Solutions Healthcare Compliance Solutions Let Protected Trust be your Safe Harbor In the Health Information Technology for Economic and Clinical Health Act of 2009 (HITECH), the U.S. Department of Health and Human

More information

HIPAA Security. 1 Security 101 for Covered Entities. Security Topics

HIPAA Security. 1 Security 101 for Covered Entities. Security Topics HIPAA SERIES Topics 1. 101 for Covered Entities 2. Standards - Administrative Safeguards 3. Standards - Physical Safeguards 4. Standards - Technical Safeguards 5. Standards - Organizational, Policies &

More information

WHITEPAPER XMEDIUSFAX CLOUD FOR HEALTHCARE AND HIPAA COMPLIANCE

WHITEPAPER XMEDIUSFAX CLOUD FOR HEALTHCARE AND HIPAA COMPLIANCE WHITEPAPER XMEDIUSFAX CLOUD FOR HEALTHCARE AND HIPAA COMPLIANCE INTRODUCTION The healthcare industry is driven by many specialized documents. Each day, volumes of critical information are sent to and from

More information

Faster, Smarter, More Secure: IT Services Geared for the Health Care Industry A White Paper by CMIT Solutions

Faster, Smarter, More Secure: IT Services Geared for the Health Care Industry A White Paper by CMIT Solutions Faster, Smarter, More Secure: IT Services Geared for the Health Care Industry A White Paper by CMIT Solutions Table of Contents Introduction... 3 1. Data Backup: The Most Critical Part of any IT Strategy...

More information

HIPAA HANDBOOK. Keeping your backup HIPAA-compliant

HIPAA HANDBOOK. Keeping your backup HIPAA-compliant The federal Health Insurance Portability and Accountability Act (HIPAA) spells out strict regulations for protecting health information. HIPAA is expansive and can be a challenge to navigate. Use this

More information

Information Protection Framework: Data Security Compliance and Today s Healthcare Industry

Information Protection Framework: Data Security Compliance and Today s Healthcare Industry Information Protection Framework: Data Security Compliance and Today s Healthcare Industry Executive Summary Today s Healthcare industry is facing complex privacy and data security requirements. The movement

More information

HIPAA Security Rule Safeguards Recommended Standards Developed by: USF HIPAA Security Team May 12, 2005

HIPAA Security Rule Safeguards Recommended Standards Developed by: USF HIPAA Security Team May 12, 2005 INTRODUCTION HIPAA Security Rule Safeguards Recommended Standards Developed by: USF HIPAA Security Team May 12, 2005 The Health Insurance Portability and Accountability Act (HIPAA) Security Rule, as a

More information

The Basics of HIPAA Privacy and Security and HITECH

The Basics of HIPAA Privacy and Security and HITECH The Basics of HIPAA Privacy and Security and HITECH Protecting Patient Privacy Disclaimer The content of this webinar is to introduce the principles associated with HIPAA and HITECH regulations and is

More information

CHIS, Inc. Privacy General Guidelines

CHIS, Inc. Privacy General Guidelines CHIS, Inc. and HIPAA CHIS, Inc. provides services to healthcare facilities and uses certain protected health information (PHI) in connection with performing these services. Therefore, CHIS, Inc. is classified

More information

Health Insurance Portability and Accountability Act (HIPAA) and Health Information Technology for Economic and Clinical Health Act (HITECH)

Health Insurance Portability and Accountability Act (HIPAA) and Health Information Technology for Economic and Clinical Health Act (HITECH) Health Insurance Portability and Accountability Act (HIPAA) and Health Information Technology for Economic and Clinical Health Act (HITECH) Table of Contents Introduction... 1 1. Administrative Safeguards...

More information

SUBJECT: SECURITY OF ELECTRONIC MEDICAL RECORDS COMPLIANCE WITH THE HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA)

SUBJECT: SECURITY OF ELECTRONIC MEDICAL RECORDS COMPLIANCE WITH THE HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA) UNIVERSITY OF PITTSBURGH POLICY SUBJECT: SECURITY OF ELECTRONIC MEDICAL RECORDS COMPLIANCE WITH THE HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA) DATE: March 18, 2005 I. SCOPE This

More information

ARRA HITECH Stimulus HIPAA Security Compliance Reporter. White Paper

ARRA HITECH Stimulus HIPAA Security Compliance Reporter. White Paper ARRA HITECH Stimulus HIPAA Security Compliance Reporter White Paper ARRA HITECH AND ACR2 HIPAA SECURITY The healthcare industry is in a time of great transition, with a government mandate for EHR/EMR systems,

More information

HIPAA and Cloud IT: What You Need to Know

HIPAA and Cloud IT: What You Need to Know HIPAA and Cloud IT: What You Need to Know A Guide for Healthcare Providers and Their Business Associates GDS WHITE PAPER HIPAA and Cloud IT: What You Need to Know As a health care provider or business

More information

VMware vcloud Air HIPAA Matrix

VMware vcloud Air HIPAA Matrix goes to great lengths to ensure the security and availability of vcloud Air services. In this effort VMware has completed an independent third party examination of vcloud Air against applicable regulatory

More information

OCTOBER 2013 PART 1. Keeping Data in Motion: How HIPAA affects electronic transfer of protected health information

OCTOBER 2013 PART 1. Keeping Data in Motion: How HIPAA affects electronic transfer of protected health information OCTOBER 2013 PART 1 Keeping Data in Motion: How HIPAA affects electronic transfer of protected health information Part 1: How HIPAA affects electronic transfer of protected health information It is difficult

More information

Leveraging innovative security solutions for government. Helping to protect government IT infrastructure, meet compliance demands and reduce costs

Leveraging innovative security solutions for government. Helping to protect government IT infrastructure, meet compliance demands and reduce costs IBM Global Technology Services Leveraging innovative security solutions for government. Helping to protect government IT infrastructure, meet compliance demands and reduce costs Achieving a secure government

More information

The second section of the HIPAA Security Rule is related to physical safeguards. Physical safeguards are physical measures, policies and procedures

The second section of the HIPAA Security Rule is related to physical safeguards. Physical safeguards are physical measures, policies and procedures The second section of the HIPAA Security Rule is related to physical safeguards. Physical safeguards are physical measures, policies and procedures to protect and secure a covered entity s electronic information

More information

Applying Information Lifecycle Management Strategies Enables Healthcare Providers to Accelerate Clinical Workflow

Applying Information Lifecycle Management Strategies Enables Healthcare Providers to Accelerate Clinical Workflow An EMC Healthcare Perspective Applying Information Lifecycle Management Strategies Enables Healthcare Providers to Accelerate Clinical Workflow By Roberta A. Katz Healthcare Information Technology Challenges........2

More information

PROTECTING YOUR VOICE SYSTEM IN THE CLOUD

PROTECTING YOUR VOICE SYSTEM IN THE CLOUD PROTECTING YOUR VOICE SYSTEM IN THE CLOUD Every enterprise deserves to know what its vendors are doing to protect the data and systems entrusted to them. Leading IVR vendors in the cloud, like Angel, consider

More information

HIPAA and the HITECH Act Privacy and Security of Health Information in 2009

HIPAA and the HITECH Act Privacy and Security of Health Information in 2009 HIPAA and the HITECH Act Privacy and Security of Health Information in 2009 What is HIPAA? Health Insurance Portability & Accountability Act of 1996 Effective April 13, 2003 Federal Law HIPAA Purpose:

More information

HIPAA PRIVACY AND SECURITY AWARENESS

HIPAA PRIVACY AND SECURITY AWARENESS HIPAA PRIVACY AND SECURITY AWARENESS Introduction The Health Insurance Portability and Accountability Act (known as HIPAA) was enacted by Congress in 1996. HIPAA serves three main purposes: To protect

More information

White Paper. 1 800 FASTFILE / www.ironmountain.ca Page 1

White Paper. 1 800 FASTFILE / www.ironmountain.ca Page 1 White Paper LIVEVAULT Top 10 Reasons for Using Online Server Backup and Recovery Introduction Backup of vital company information is critical to a company s survival, no matter what size the company. Recent

More information

FINAL May 2005. Guideline on Security Systems for Safeguarding Customer Information

FINAL May 2005. Guideline on Security Systems for Safeguarding Customer Information FINAL May 2005 Guideline on Security Systems for Safeguarding Customer Information Table of Contents 1 Introduction 1 1.1 Purpose of Guideline 1 2 Definitions 2 3 Internal Controls and Procedures 2 3.1

More information

Healthcare Compliance Solutions

Healthcare Compliance Solutions Privacy Compliance Healthcare Compliance Solutions Trust and privacy are essential for building meaningful human relationships. Let Protected Trust be your Safe Harbor The U.S. Department of Health and

More information

HIPAA RISK ASSESSMENT

HIPAA RISK ASSESSMENT HIPAA RISK ASSESSMENT PRACTICE INFORMATION (FILL OUT ONE OF THESE FORMS FOR EACH LOCATION) Practice Name: Address: City, State, Zip: Phone: E-mail: We anticipate that your Meaningful Use training and implementation

More information

Payment Card Industry Data Security Standard

Payment Card Industry Data Security Standard Symantec Managed Security Services support for IT compliance Solution Overview: Symantec Managed Services Overviewview The (PCI DSS) was developed to facilitate the broad adoption of consistent data security

More information

HIPAA Audit Risk Assessment - Risk Factors

HIPAA Audit Risk Assessment - Risk Factors I II Compliance Compliance I Compliance II SECTION ONE COVERED ENTITY RESPONSIBILITIES AREA ONE Notice of Privacy Practices 1 Is your full notice of privacy practices given to every new patient in your

More information

HIPAA Security Alert

HIPAA Security Alert Shipman & Goodwin LLP HIPAA Security Alert July 2008 EXECUTIVE GUIDANCE HIPAA SECURITY COMPLIANCE How would your organization s senior management respond to CMS or OIG inquiries about health information

More information

Decrypting the Security Risk Assessment (SRA) Requirement for Meaningful Use

Decrypting the Security Risk Assessment (SRA) Requirement for Meaningful Use Click to edit Master title style Decrypting the Security Risk Assessment (SRA) Requirement for Meaningful Use Andy Petrovich, MHSA, MPH M-CEITA / Altarum Institute April 8, 2015 4/8/2015 1 1 Who is M-CEITA?

More information

2011 2012 Aug. Sept. Oct. Nov. Dec. Jan. Feb. March April May-Dec.

2011 2012 Aug. Sept. Oct. Nov. Dec. Jan. Feb. March April May-Dec. The OCR Auditors are coming - Are you next? What to Expect and How to Prepare On June 10, 2011, the U.S. Department of Health and Human Services Office for Civil Rights ( OCR ) awarded KPMG a $9.2 million

More information

HIPAA 203: Security. An Introduction to the Draft HIPAA Security Regulations

HIPAA 203: Security. An Introduction to the Draft HIPAA Security Regulations HIPAA 203: Security An Introduction to the Draft HIPAA Security Regulations Presentation Agenda Security Introduction Security Component Requirements and Impacts Administrative Procedures Physical Safeguards

More information

HIPAA Compliant Infrastructure Services. Real Security Outcomes. Delivered.

HIPAA Compliant Infrastructure Services. Real Security Outcomes. Delivered. Real Security Outcomes. Delivered. Deploying healthcare and healthcare related services to the cloud can be frightening. The requirements of HIPAA can be difficult to navigate, and while many vendors claim

More information

Nationwide Review of CMS s HIPAA Oversight. Brian C. Johnson, CPA, CISA. Wednesday, January 19, 2011

Nationwide Review of CMS s HIPAA Oversight. Brian C. Johnson, CPA, CISA. Wednesday, January 19, 2011 Nationwide Review of CMS s HIPAA Oversight Brian C. Johnson, CPA, CISA Wednesday, January 19, 2011 1 WHAT I DO Manage Region IV IT Audit and Advance Audit Technique Staff (AATS) IT Audit consists of 8

More information

My Docs Online HIPAA Compliance

My Docs Online HIPAA Compliance My Docs Online HIPAA Compliance Updated 10/02/2013 Using My Docs Online in a HIPAA compliant fashion depends on following proper usage guidelines, which can vary based on a particular use, but have several

More information

Secure HIPAA Compliant Cloud Computing

Secure HIPAA Compliant Cloud Computing BUSINESS WHITE PAPER Secure HIPAA Compliant Cloud Computing Step-by-step guide for achieving HIPAA compliance and safeguarding your PHI in a cloud computing environment Step-by-Step Guide for Choosing

More information

Healthcare Security and HIPAA Compliance with A10

Healthcare Security and HIPAA Compliance with A10 WHITE PAPER Healthcare Security and HIPAA Compliance with A10 Contents Moving Medicine to the Cloud: the HIPAA Challenge...3 HIPAA History and Standards...3 HIPAA Compliance and the A10 Solution...4 164.308

More information

White Paper Achieving GLBA Compliance through Security Information Management. White Paper / GLBA

White Paper Achieving GLBA Compliance through Security Information Management. White Paper / GLBA White Paper Achieving GLBA Compliance through Security Information Management White Paper / GLBA Contents Executive Summary... 1 Introduction: Brief Overview of GLBA... 1 The GLBA Challenge: Securing Financial

More information

Somansa Data Security and Regulatory Compliance for Healthcare

Somansa Data Security and Regulatory Compliance for Healthcare Somansa White Paper Somansa Data Security and Regulatory Compliance for Healthcare How Somansa can protect ephi- electronic patient health information and meet the requirements for healthcare compliances,

More information

Joseph Suchocki HIPAA Compliance 2015

Joseph Suchocki HIPAA Compliance 2015 Joseph Suchocki HIPAA Compliance 2015 Sponsored by Eagle Associates, Inc. Eagle Associates provides compliance services for over 1,200 practices nation wide. Services provided by Eagle Associates address

More information

HIPAA, PHI and Email. How to Ensure your Email and Other ephi are HIPAA Compliant. www.fusemail.com

HIPAA, PHI and Email. How to Ensure your Email and Other ephi are HIPAA Compliant. www.fusemail.com How to Ensure your Email and Other ephi are HIPAA Compliant How to Ensure Your Email and Other ephi Are HIPAA Compliant Do you know if the patient appointments your staff makes by email are compliant with

More information

LIBERATING TECHNOLOGY. SEAMLESS SIMPLICITY. Vue for. Cloud Services

LIBERATING TECHNOLOGY. SEAMLESS SIMPLICITY. Vue for. Cloud Services Vue for Cloud Services SEAMLESS SIMPLICITY. Clinicians and referring physicians need the freedom to access patient data quickly and efficiently. But the cost constraints and complexity of owning and maintaining

More information

Orbograph HIPAA/HITECH Compliance, Resiliency and Security

Orbograph HIPAA/HITECH Compliance, Resiliency and Security Orbograph HIPAA/HITECH Compliance, Resiliency and Security Version 1.0 August 2013 Legal Notice This document is delivered subject to the following conditions and restrictions: The document contains proprietary

More information

Double-Take in a HIPAA Regulated Health Care Industry

Double-Take in a HIPAA Regulated Health Care Industry Double-Take in a HIPAA Regulated Health Care Industry Abstract: This document addresses the contingency plan and physical access control requirements of the Administrative Simplification security provision

More information

Medical Privacy Version 2015.12.10 - Standard. Business Associate Agreement. 1. Definitions

Medical Privacy Version 2015.12.10 - Standard. Business Associate Agreement. 1. Definitions Medical Privacy Version 2015.12.10 - Standard Business Associate Agreement This Business Associate Agreement (the Agreement ) shall apply to the extent that the Lux Scientiae HIPAA Customer signee is a

More information

Why Lawyers? Why Now?

Why Lawyers? Why Now? TODAY S PRESENTERS Why Lawyers? Why Now? New HIPAA regulations go into effect September 23, 2013 Expands HIPAA safeguarding and breach liabilities for business associates (BAs) Lawyer is considered a business

More information

WHY CLOUD BACKUP: TOP 10 REASONS

WHY CLOUD BACKUP: TOP 10 REASONS WHITE PAPER DATA PROTECTION WHY CLOUD BACKUP: TOP 10 REASONS Contents REASON #1: Achieve disaster recovery with secure offsite cloud backup REASON #2: Freedom from manual and complex tape backup tasks

More information

Idaho Judicial Branch Scanning and Imaging Guidelines DRAFT - October 25, 2013

Idaho Judicial Branch Scanning and Imaging Guidelines DRAFT - October 25, 2013 Idaho Judicial Branch Scanning and Imaging Guidelines DRAFT - October 25, 2013 A. Introduction Many of Idaho s courts have considered or implemented the use of digital imaging systems to scan court documents

More information

Data Security and Integrity of e-phi. MLCHC Annual Clinical Conference Worcester, MA Wednesday, November 12, 2014 2:15pm 3:30pm

Data Security and Integrity of e-phi. MLCHC Annual Clinical Conference Worcester, MA Wednesday, November 12, 2014 2:15pm 3:30pm Electronic Health Records: Data Security and Integrity of e-phi Worcester, MA Wednesday, 2:15pm 3:30pm Agenda Introduction Learning Objectives Overview of HIPAA HIPAA: Privacy and Security HIPAA: The Security

More information