HIPAA Security

HIPAA Security Services

MMIC Health IT is unique in that we provide a full range of technology support for physicians, clinics and hospitals.

We approach projects from your perspective. That means we work with your processes and workflows and create solutions that meet your particular needs. Whether you are a private practice physician, employed by a hospital, a clinic administrator, or part of the IT organization, we understand your needs and are ready to help. Our HIPAA Security Services include:

HIPAA Security Baseline Compliance Assessment

This assessment includes a technical and non-technical evaluation and policy review with respect to regulations (HIPAA Security Standards, Final Rule – 45 CFR Parts160,
162, and 164), including interview of IT and administrative resources. You will receive a compliance assessment report including a scorecard with recommendations on compliance strategy.

EHR Security Risk Analysis

In accordance with the Stage 1 Objective and Measure, this core set requirement applies to Eligible Providers (EPs) and Eligible Hospitals & Critical Access Hospitals (EHs &
CAHs). HIPAA Security rules apply even if you have delayed Meaningful Use to 2012.

  • Core Measure 15 of 15 for EPs
  • Core Measure 14 of 14 for EHs & CAHs
Stage 1 Objective Stage 1 Measure
Protect electronic health information created or maintained by the certified EHR technology through the implementation of appropriate technical capabilities. Conduct or review a security risk analysis in accordance with the requirements under 45 CFR 164.308(a)(1) and implement security updates as necessary and correct identified security deficiencies as part of its risk management process.

Breach Risk of Harm Assessment

Under the Health Breach Notification Rule, covered entities and their business associates are required take specific steps in the event of a health breach and comply within 60 days of its discovery. This assessment will help to determine risk of harm and notification requirements and provide you with a guideline for the breach notification process.

Other HIPAA Security Services

  • Security risk mitigation and remediation - technology selection, evaluation, implementation of security solutions
  • Design/develop security auditing process
  • Design workforce security awareness training program
  • General security risk analysis for those not attesting to Meaningful Use, but required for HIPAA Security.

Contact Us

Find out more about how MMIC Health IT can help you with your HIPAA Security initiatives!

Contact Us

Organization:
Name:*
Email:*
Phone:
Comments:*
* required