Intersect offers a highly differentiated HIPAA Compliance service. Intersect's technology-driven process is aimed at assuring that the achievement of HIPAA compliance isn't just a one-time event. The program is intended to prevent breaches and insure that clients remain HIPAA compliant. Read on to learn more.
Intersect believes that services limited to a single HIPAA Risk Analysis leaving you with a list of problems fail to mitigate the risks associated with audits and breaches. There are a number of reasons. First, the Risk Analysis identified problems and recommended remediation. One of the large penalties ($2.75 million) that will be discussed in the "Risk and Enforcement" page of the website, was for a scenario when a Risk Analysis uncovered problems that were not addressed. If problems are addressed, is their evidence to show an investigator? Are their new problems? A single HIPAA Risk Analysis is a single snapshot in time. One occurance of an employee leaving the organization, or a change in a vendor, or the creation of a new virtual machine will cause compliance to silently vanish in an instant.
Another significant value of regular analyses is that it validates encryption. This is critical because encrypted files are exempt if they are lost. Most often lost encryupted files do not have to be reported to the federal government and patients are not required to be notified. The issue around the loss of encrypted files is that if a device is lost, you no longer have access to it. You must be able to prove that the files were encrypted without having access to it. This scenario is where encryption reports are so valuable.
Intersect's HIPAA technology tool will locate protected data files. It will search a network and inspect the devices returning a report indicating that it has found files that appear to have medical information or Social Security numbers and information in them that appears to indicate e-PHI. Often this data is not backed up and not secure.
Regualry scheduled recuirring HIPAA Risk Analyses will also provide evidence that problems identifiied in previous Analyses have been addressed. Intersect will note and document what has been done to correct previous problems., If there are new problems, they will be identified and can be mitigated.
"Intersect also offers significangt benefits over "do it yourself" strategies for achieving HIPAA compliance. First, there is a benefit to the organization in having an independent organization responsible for performing the discovery and evaluating the extisting network environment. This eliminates the potential for bias which could compromise compliance decisions. Additionally, Intersect has access to technology tools that would be impractical for individual healthcare organizations to own.
Finally, Intersect has subject matter expertise in HIPAA regulations and in healthcare delivery that enables us to perform as a true partner in the goal to delivering high quality patient-centered care in a safe and secure environment. Additional details are available from the links below.