Upload
its-alliances-inc
View
160
Download
6
Tags:
Embed Size (px)
DESCRIPTION
Through an annual Software-as-a-Service (SaaS) subscription, we offer a secure web-based architecture Cloud application service, using a consultative methodology approach, working autonomously on-site and or remotely with c-level management or your senior staff, including the designated HIPAA Security or Compliance officer, and others as needed, to identify and evaluate security and privacy risk, as well as develop and execute the internal compliance audits functions for the organization. These frameworks may include ISO 2700xx, SOX, PCI-DSS, HIPAA, HITECH, GLBA, COBIT, and FISMA .
Citation preview
HIPAA/HITECH SOLUTION FOR SMALL MEDICAL PRACTICES AND BUSINESS ASSOCIATES
Presented by:
ITS Alliances, Inc.
Aegify SecureGRC TM
2
HITECH has new CRIMINAL liabilities
WHAT HAS CHANGED?
ITS Alliances, Inc. - www.itsalliances.com - Proprietary and Confidential
Expanded the scope of HIPAA privacy, security and enforcement standards to subject business associates and their subcontractors to the same administrative, technical and physical security safeguard requirements as covered entities, including civil and criminal sanctions for violating the health information privacy of individuals.
WHAT HAS CHANGED?
ITS Alliances, Inc. - Proprietary and Confidential - www.itsalliances.com
DON'T THINK IT CAN HAPPEN TO YOU?
What if a employee steals records? 48% What if a laptop is lost or stolen? 26% What if a BA steals data? 20% What if you lose a Blackberry, IPAD or other
portable data storage? 14% What if some one steals my records after I
dispose of them? 6% What if some one hacks into your network? 4% What if? What if?It happens EVERY day. Of the incidents reported , these were the % of cause.
ITS Alliances, Inc. - Proprietary and Confidential - www.itsalliances.com
5
“Accordingly, we recommend that physicians (and their business associates) plan immediately to comply with these new
breach notification requirements”
BREACH RULES
ITS Alliances, Inc. - Proprietary and Confidential - www.itsalliances.com
6
"Administrative safeguards" focus on workforce training and contingency planning (45 CFR §164.308).
The cornerstones, however, are risk analysis and risk management—both "required." Critical and thorough risk analysis must take place before any attempt at regulatory compliance is made.
ITS Alliances, Inc. - Proprietary and Confidential - www.itsalliances.com
Tough getting started:
Where to begin?
Most smart CE’s and BA’s WANT to be in compliance but don’t know where to start.
7
WHAT IS SO HARD ABOUT BECOMING COMPLIANT?
ITS Alliances, Inc. - Proprietary and Confidential - www.itsalliances.com
WEB based self assessment for HIPAA/HITECH and Security Practices
8
SecureGRC HIPAA/HITECH
ITS Alliances, Inc. - Proprietary and Confidential - www.itsalliances.com
BUILT IN DOCUMENT REPOSITORY
9ITS Alliances, Inc. - Proprietary and Confidential - www.itsalliances.com
HELP IS ALWAYS NEARBY
HELP IS ALWAYS NEARBY
HELP IS ALWAYS NEARBY
13
EVERY QUESTIONS HAS A RISK RATING
ITS Alliances, Inc. - Proprietary and Confidential - www.itsalliances.com
14
SIMPLE, BUT EXTENSIVE FILTERING
ITS Alliances, Inc. - Proprietary and Confidential - www.itsalliances.com
SUBMIT FOR REVIEW
15ITS Alliances, Inc. - Proprietary and Confidential - www.itsalliances.com
Real Time Status
16
SecureGRC SB HIPAA
ITS Alliances, Inc. - Proprietary and Confidential - www.itsalliances.com
SIMPLE REPORTS, SORTED BY HIGHEST RISK
ITS Alliances, Inc. - Proprietary and Confidential - www.itsalliances.com
HIPAA REPORT ON COMPLIANCE (HROC)
18
CE or BA
ITS Alliances, Inc. - Proprietary and Confidential - www.itsalliances.com
SECUREGRC SB HIPAA/HITECH SELF ASSESSMENT
1. Simple2. Inexpensive3. Meets and exceeds HIPAA and HITECH privacy and
security requirements for SB4. Meets and exceeds Section 15 of Meaningful Use 15. Central document repository with automated audit
controls.6. Library of sample policies, procedures and forms.7. Extensive help and best practices8. Requires minimal labor on your part9. Helps manage your BA’s (Vendor Management)10. HIPAA Report on Compliance (HROC)
ITS Alliances, Inc. - Proprietary and Confidential - www.itsalliances.com