The HIPAA Privacy and Security regulations require covered entities to develop policies and procedures specific to the organization's risk and to guide employees in mitigating the risk. JD HealthCare Partners, LLC has worked with healthcare organizations to develop comprehensive policies and procedures that are customized to the business operations of each covered entity.
Risk assessments are required under the HIPAA Security regulations, but what is required? Each covered entity should identify its areas of risk in the context of HIPAA Security, specifically, how does the identified risk impact: (1) The confidentiality of the ePHI, (2) The integrity of the ePHI, and (3) The availability of the ePHI.
See our RESOURCES page under "HIPAA Privacy and Security" for free downloadable risk assessment template and example that you can use to document your risk assessment process.
Determining who is a business associate and ensuring that a signed business associate agreement is in place is a requirement under HIPAA. However, under the Omnibus Rule, covered entities are obligated to obtain satisfactory assurance that business associates have agreements in place with subcontractors who use, disclose, or maintain protected health information (PHI) to protect of the covered entity. What counts as satisfactory assurance? How does a covered entity document this?
JD HealthCare Partners, LLC has experience as a business associate, and as compliance officers working with business associates. to provide sound guidance to ensure compliance. We have developed a business associate template for covered entities to use to document satisfactory assurances from business associates. The document is available of free on our RESOURCES page under "HIPAA Privacy and Security".
As frequent national presenters on HIPAA Privacy and Security, JD HealthCare Partners, LLC has developed several HIPAA training programs for all types of audiences. This expertise has been successfully leveraged by healthcare organizations across the United States.
It is a bad feeling knowing that your PHI has been used or disclosed inappropriately. The clock is ticking, but how do you know what to report, when, and to whom? JD HealthCare Partners, LLC has worked with healthcare organizations and the Office for Civil Rights as consultants and compliance officers in addressing breach reporting situations. Now, that expertise is available for your organization.
Meaningful Use Audits
Implementing an electronic medical record is a significant investment and one that includes reimbursement from the Federal government if certain objectives are achieved. Knowing how to properly document that those objectives are met can be the difference between success and failure when it comes to meaningful use incentive payments. JD HealthCare Partners, LLC is your resource for evaluating and documenting proper meaningful use.
JD HealthCare Partners, LLC has worked with several healthcare organizations and providers to enhance their privacy and security compliance. In addition, our professionals lecture nationally on HIPAA Privacy and Security topics and are experts at helping organizations comply with the requirements of HIPAA, the HITECH amendments, and the HIPAA Omnibus Rule. Specific areas of expertise include:
The following are helpful links to information to assist with your HIPAA Privacy and Security efforts:
JD HealthCare Partners, LLC has collaborated with DoctorsSafeguard.com, a FREE resource for physicians and other health care practitioners, to provide materials and resources for complying with HIPAA.
DoctorsSafeguard.com was developed to provide training and education to the medical community to help protect their practices from drug-seeking patients.
Due to the sensitive content of the training provided on DoctorsSafeguard.com, all subscription applications will be verified prior to activation.
The Office for Civil Rights has published its audit protocol that was used to evaluate HIPAA Privacy and Security programs during its pilot audit program of 2011 and 2012. This audit protocol is extremely helpful for evaluating an organization's HIPAA readiness.