Healthcare providers, payers, clearinghouses and others must comply with government regulations like the Health Insurance Portability and Accountability Act (HIPAA) and the Health Information Technology for Economic and Clinical Health Act (HITECH). Initially, compliance with HIPAA was slow to occur due to lack of enforcement. With the passing of the HITECH Act and subsequent clarifications, not only has enforcement for violations of both acts been strengthened and solidified, incentives have been put in place for the adoption of secure electronic health records that promote treatment efficacy and cost reduction, while protecting personal health information.
The HITRUST Alliance has provided the HITRUST Common Security Framework (CSF) that is healthcare specific, comprehensive, and proscriptive. Portions of the framework can be used as the basis for HIPAA and HITECH Act compliance and provide assurance that the intent of both acts is satisfied.
Solutionary services help healthcare organizations to:
|Assess and Measure Gaps:||HITRUST CSF assessment methodology performed by experienced, certified HITRUST CSF practitioners applied selectively to the HIPAA and HITECH Acts; prioritized and actionable recommendations; peer benchmarking.|
|Remediate and Enhance:||Experienced, certified HITRUST CSF Practitioners, security program, policy, and procedures design, services, tools, and process implementation.|
|Execute and Monitor:||HIPAA / HITECH compliant Log Monitoring, Log Management, Vulnerability Management and Security Device Management.|
|Demonstrate Compliance:||Standard and customizable reporting, secure evidence repository for all HIPAA / HITECH compliance related assessments, results, and reports; integrated ticketing with assignment, tracking, and journaling.|
Solutionary services to support HIPAA / HITECH compliance include: