e.g.Template, Wizixo, WordPress theme
Intersect offers a true IT HIPAA Compliance service that is unlike any you have previously encountered or anything that you would be able to complete by-hand. It is not just another check-list process. Rather, we offer an automated, structured, and consistent approach to gathering the information to perform the HIPAA Risk Analysis as required by the Security Rule, and develop the output - the actual HIPAA Security Report that satisfies the HIPAA requirement. But, unlike most HIPAA compliance services that end there, Intersect's technology-driven process is just beginning. Intersect's strategy is aimed at assuring that the achievement of HIPAA compliance isn't just a one-time event. Furthermore the program is intended to aid in the prevention of an expensive and disruiptive breach.
Rather than provide an IT assessment, Intersect offers a HIPAA IT compliance approach. A one-time HIPAA Risk Analysis is a single snapshop-in time. It identifies problems and recommends remediation - but then what? Questions to be answered are: Have the problems been addressed? Is their evidence to show to an auditor or breach investigator? Are there changes or new problems?
HIPAA is an ONGOING challenge. Compliance can silently vanish in an instant. By repeating the risk analysis, new problems are identified early. Current information is available for an audit. With recurring risk analysis, the first evaluation becomes a baseline configuration. Subsequent analysis will identify what has changed since the last one. New issues that need remediation are identsified. Additionally, and reveal if there are any new challenges. And, the new analysis will provide documentation of remediations that were made for previous issues. Recurring Risk Analysis serve to provide a running health score on the network.
Compliance services which are limited to a single HIPAA Risk Analysis leave you with a list of problems, but fail to mitigate the risks associated with audits and breaches. The Risk Analysis identified problems and recommended remediation. But, when the problems have been mitigated, there is no evidence to substantiate the corrections. A recent large penalty ($2.75 million) was san example. Issues were addressed in the Risk Analysis, but there was no evidence that they were addressed. Recurring Risk Analysis reports will provide evidence to prove they were resolved.
Intersect's software tools will locate protected data files. It will search the network and create a report that specifies files that appear to have medical information or social seurity numbers and other information in them that points to this data. What is valuable about this report is that most organizations believe that users save all of their data to the servers; their protected medical information is in their EHR system. Our tool often identifies data that is PHI that they were unaware of. It is not backed up and not secure.
The tool prepares a list of users; are they current employees; are they no longer employed? Who has access to PHI, administrative rights, or access to financial information. This is not a "checklist" process. The entire assessment is automated, structured, and consistent. It is a true "under the skin" analysis designed to assure HIPAA compliance and help prevent against expensive data breaches.