Compliance

Be prepared and stay protected.

Risk Analysis

A HIPAA Risk Analysis is a core objective to qualify for the Meaningful Use stimulus and is the first and foundational step in achieving HIPAA compliance.

Under HIPAA and Meaningful Use guidelines, a comprehensive risk analysis is required at least once a year for each and every Covered Entity and Business Associate. With the increased likelihood of being audited for HIPAA compliance and MU incentives, coupled with the sizable penalties involved, healthcare organizations must be diligent about following the proper protocols during their annual Risk Analysis.

What We Do

At Solve Healthcare, we conduct a HIPAA Risk Analysis with our clients every 6 months.  With the advent and use of technology at healthcare organizations, IT processes and the workflows that surround these functions changing frequently, we stay on top of evolving compliance regulations. Our compliance professionals measure and monitor actual practices to determine if policies are actively followed and to identify compliance risks, vulnerabilities, and potential PHI exposure.

Interwoven Approach

Technology and compliance in healthcare go hand-in-hand and our approach does too. Solve’s services differ because our compliance and technology professionals collaborate to examine, develop, validate and deliver security recommendations to our clients.

Technical Safeguards
Technical Safeguards
  • Asset Identification
  • Visualizing Vulnerability
  • Inventory Management
Physical Safeguards
Physical Safeguards
  • Environment Security
  • Access Controls
  • Monitoring
Administrative Safeguards
Administrative Safeguards
  • Policies
  • Roles & Responsibilities
  • Processes and Response

Remediation

We don’t just provide you with a list of recommendations, Solve can augment or take ownership of remediation. Our talented and cohesive teams deliver definitive results with finesse because we practice what we preach.

  • HIPAA Privacy
  • HIPAA Security
  • Breach Notification
  • Business Associates
  • Audits and Validation
  • Administration
  • Periodic Assessment
  • Breach Notification

Consequences

Here are some recent and notable privacy/security violations that illustrate the financial and criminal liability associated with HIPAA breaches for Covered Entities and their Business Associates.

July 2015
St. Elizabeth’s Medical Center did not analyze the risks of an Internet-based document sharing app, which stored protected health information for almost 500 individuals, leading to a $218K fine.

June 2015
A previous employee of Providence Alaska Medical Center was sentenced to serve two 24 month prison terms concurrently for unauthorized disclosure of two patients’ health information.

April 2014
Concentra Health Services agrees to pay over $1.7 million to settle potential HIPAA violations after a laptop was stolen.

March 2014
Stanford Hospital and Business Associate vendor agree to settle for a $4.1 million payment amount in data breach class action.

December 2013
Dermatology private practice agreed to settle potential violations of HIPAA Safeguards with the Department of Health and Humans Services by agreeing to pay $150,000 for an unencrypted thumb drive that was stolen.

April 2010
A UCLA employee receives a federal prison sentence for accessing patient records without proper authorization.

Contact Sales

Click the button below or call us toll-free at (855) HIT-EXPERTS to speak to a live person.

Get In Touch