CynergisTek invites all healthcare IT professionals to a half day seminar with FREE lunch and HIPAA compliance updates in the Los Angeles and Portland, Oregon areas. Both events will look at the new era of HIPAA compliance.
Complying with the Omnibus Rule
Healthcare Info Security recently featured Mac McMillan’s advice for Business Associates (BAs). McMillan first addresses that the recent Omnibus Rule defines BAs as “anyone who receives, creates, maintains or transmits protected health information on behalf of a covered entity” and that means BAs are now responsible to comply with the HIPAA Security Rule and several provisions in the HIPAA Privacy Rule. McMillan reminds us that BAs only have until September 23 to be prepared for enforcement.
McMillan advises that BAs should conduct a risk analysis under the HIPAA Security Rule. BAs need to conduct the analysis to identify issues in policies and procedures. Addressing the issues is a stride towards a successful and well-defined security program. He also suggests that educating and training staff on their responsibilities is also key to assuring an effective security program. McMillan provides insight that BAs can find guidance on how to conduct a risk analysis through Office for Civil Rights (OCR) website, as well as North Carolina Healthcare Information and Communications Alliance’s website.
Next, McMillan advises BAs to prepare for having to respond to breaches. Now under the Omnibus Rule BAs will have to notify their covered entity of any loss of personal health information (PHI). He points out that when a BA has an incident, they should consider the severity of the incident based upon what information was lost, who obtained/received the info and any other factors that could reduce the risk of compromise. They will need to analyze this info and document their decision of whether to notify or not.
To read the entire article visit Healthcare Info Security’s site.
Growth Due to Increased Regulatory and Enforcement Activity & Increasing Awareness of Strategic Value of Investing in Security
CynergisTek, announced that the company achieved the highest annual revenue to date with 24% growth in 2012. The company believes that increasing regulations and enforcement of penalties combined with the company’s ongoing involvement in industry associations and publications aided this growth. As a result, in 2012 CynergisTek expanded its partnerships, signed new clients and added new staff resources.
CynergisTek is projecting growth to continue in 2013, with first quarter (Q1) new revenue already coming in up 421%, compared to Q1 2012. The company associates the stellar growth with new regulatory demands, including Centers of Medicare & Medicaid Services (CMS) Meaningful Use audits and the Office of Civil Right (OCR) HIPAA Audit Program, creating an increased need for comprehensive privacy and security solutions.
May 14-May 15, San Antonio, Texas
Regional Texas HIMSS chapters are combining forces to host a fifth annual statewide HIMSS Chapter Conference (Austin, Dallas Fort Worth, San Antonio and South Central Texas Chapters). During the two days. CynergisTek’s team will be exhibiting at booth #13. Come stop by to talk about some of your privacy security and challenges and get a $5 Starbucks gift card.* Staff will be on hand to help address your concerns and tell you more about CynergisTek.
CynergisTek™ will be exhibiting in booth 320 at the Health Care Compliance Association (HCCA) Annual Compliance Institute on April 21-24, 2013 in National Harbor, MD. CynergisTek will focus on best practices and solutions for audit preparedness, privacy monitoring and business associate management. Several of CynergisTek’s partners, including Iatric Systems, Inc. (booth #509), Blass Compliance, LLC – ComplyAssistant (booth #708) and Zix Corporation (booth #901) will also be exhibiting at the conference.
HIPAA’s mounting regulations and enforcements, OCR’s audit program and the final Omnibus Rule are brining a renewed focus to information security in healthcare, urging provider organizations to examine security policies and practices from multiple standpoints. CynergisTek and its partners offer industry expertise and solutions for ensuring that healthcare organizations, business associates and other covered entities sharing protected health information (PHI) are taking the proper security measures to effectively manage their risk and meet compliance mandates.
“The healthcare industry is facing some of the greatest compliance and security expectations we have seen to date,” said Mac McMillan, CEO, CynergisTek. “Given the recent emphasis on regulation and enforcement, and the various compliance audits, providers are being forced to address the gaps in their security programs and bolster their infrastructure to ensure compliance.”
“With the Omnibus Rule now in effect, it is more important than ever for provider organizations to proactively manage their extended risk around their business associates,” said Gerry Blass, President and CEO, Blass Consulting & Compliance. “It is clear from the prevalence of data breaches and hacking incidents that organizations need guidance in assessing and addressing the IT security risks that exist beyond the four walls.”
“As regulatory demands around patient privacy become increasingly complex, providers are realizing the need for expert, outsourced support,” said Rob Rhodes, Senior Director of Patient Privacy Solutions, Iatric Systems. “Demonstrating compliance today is no easy task, and compliance staff are finding themselves overwhelmed with the level of risk analysis, audit maintenance and security monitoring that is required to ensure patient health information is adequately protected in today’s digital landscape.”
Representatives from CynergisTek, Iatric Systems, Blass and ZixCorp will be available at the conference to provide a more detailed overview of the regulatory and compliance challenges facing provider organizations today.
Presented by Pierluigi Stell, CTO of Network Box USA & Mac McMillan, CEO of CynergisTek
Security is an arms race fought 24/7/365.
It is neither a firewall nor an antivirus, but a viable solution which requires committed and constant attention. Staying abreast of all the new threats requires a team of dedicated specialists. This is where you have a choice to make – hire them on a full time basis or outsource your security.
This presentation will make the case about managed security and UTM devices, and clearly demonstrate why both are great solutions, particularly for medium sized companies. It also delves into why Network Box USA provides the best of both these solutions and how it will help you deliver HITECH compliance for your company.