First introduced in 1996, the Health Insurance Portability and Accountability Act (HIPAA) is a comprehensive legislative act that aims to safeguard the Protected Health Information (PHI) of patients and improve health care efficiency. Thanks to HIPAA, individuals can feel secure knowing that their confidential medical records are safe and available for them to access at any time, but inaccessible to the public. In order to preserve the confidentiality of PHI, it’s critical that medical providers and health-related organizations be HIPAA compliant.
Who does HIPAA impact?
Because every person has a medical record, HIPAA impacts each and every one of us. But who needs to be HIPAA compliant? Basically, all individuals or organizations that are classified as “covered entities” or “business associates” who handle PHI are required to be HIPAA compliant. Health plans, health care clearinghouses, and health care providers are all covered entities. Business associates refer to all other persons or organizations outside of covered entities who work with PHI. Because most health data today is stored electronically, even businesses that indirectly interact with patients through technology—such as medical equipment companies—must comply with HIPAA.
Examples of business associates: billing services, community health management information systems, medical transcription services, and medical equipment companies.
Examples of health insurance plans (covered entities): HMOs, company health plans, Medicare, and Medicaid.
What is the risk of not being compliant with HIPAA?
Not complying with HIPAA can lead to major personal and financial consequences. First of all, noncompliance quite literally puts individuals’ lives at stake, as it leaves highly confidential medical data at risk of falling into the wrong hands. Secondly, noncompliance can cost your organization dearly: depending on the level of negligence observed by the Office for Civil Rights (OCR), your organization could be charged a penalty of $100 to $50,000 per noncompliance incident. In 2018 alone, OCR issued financial penalties for HIPAA violations totaling $28.7 million: a lot of money, as well as property, that could have been saved through compliance.
How can I get started on the HIPAA compliance process?
The first step in complying with HIPAA is knowing how your organization currently stands with compliance. At Hyper Vigilance, we offer a comprehensive readiness inspection that gives you a complete picture of where you are and what you need to do next. During the inspection, we’ll walk through every procedure, practice, and article of HIPAA and compare it against your current operations to give you clear next steps towards compliance.
If your organization needs to comply with more than one compliance framework, we’re happy to assist you. Hyper Vigilance offers compliance management services for a range of frameworks beyond HIPAA.
If your company needs to be HIPAA compliant, we’ll get you there. Our full-service compliance management services help prepare you for an official audit, ensuring you have the right procedures in place, the best software configured, vigilant security guards, and the proper documentation to prove it all. With our straightforward pricing model and our emphasis on making compliance accessible and easy to understand, you can trust Hyper Vigilance with your compliance management needs.
Get in touch with us to take charge of your business’ cybersecurity foundation.