Page 1

Vendor Management Technology for Ensuring HITECH/HIPAA Security Compliance As the health care frauds began to increase exponentially, the federal government enacted the HIPAA and the HITECH Acts for protecting patient health information. As part of the HITECH act, the adoption of electronic information systems was encouraged to improve operational mobility and efficiency. However, it brought into forefront new security threats, such as, instances of the Protected Health Information (PHI) being stolen, tampered with or publicly disclosed. The federal government therefore toughened their stand and recently even announced the HIPAA Final Omnibus Rule to strengthen the act further. As part of it, the Business Associates of covered entities and downstream contractors were also made liable to comply with all of the rules. As per HIPAA/HITECH, the following are categorized as Business Associates. Billing Companies Consultants that perform utilization reviews for hospitals CPAs, attorneys, and law firms with access to patient health information E-Prescribing Gateways Health Information Organizations Health Care Clearinghouses IT service providers Off-site backup facilities Patient Data Storage Companies Pharmacy benefit managers Remote managed services Sub-contractors dealing with PHI on behalf of BAs Transcription services Vendors of Personal Health Records With the government increasing penalties for non-compliance from $25,000 to $1.5 million per violation, it has become necessary for healthcare practitioners and providers to comply with all of the HIPAA/ HITECH rules. However, for ensuring HITECH/HIPAA security compliance on the part of business associates and contractors, healthcare practitioners and providers must deploy the right vendor management technology. The vendor management solutions automate the security and compliance management process of all external vendors and sub-contractors, thereby allowing healthcare practitioners and providers to know how far their vendors and business associates have progressed in their compliance efforts. Given below is the process outline of a best of the breed vendor management solution. Covered Entity completes a 25-question assessment of all Business Associates that involves four steps: Input all Business Associates into the tool Send the assessment to the Business Associates Business Associates answer the questions online Covered Entity reviews responses and generates a quick compliance report that identifies remedial actions Pursue the high-risk exposure Business Associates with a full assessment Thus with vendor management solutions, healthcare practitioners and providers gain complete visibility and control over the security and compliance posture of all their vendors. This helps them to not only be compliant with the HIPAA/HITECH Acts but also tighten their grip over the business associates and other vendors. Read more on - PCI DSS compliance guide for all business, IT Compliance Management Guide

Vendor management technology for ensuring hitech hipaa security compliance  

As the health care frauds began to increase exponentially, the federal government enacted the HIPAA and the HITECH Acts for protecting patie...

Read more
Read more
Similar to
Popular now
Just for you