The Health Insurance Portability and Accountability Act of 1996 (HIPAA) forever changed the way the healthcare industry manages information. This federal legislation, along with other more recent regulations such as the Health Information Technology for Economic and Clinical Health Act (HITECH), has created a maze of rules and policies that are often confusing and lack appropriate implementation guidance. At a high level, nearly all healthcare providers and their business associates have certain responsibilities to protect patient information in their possession, regardless of the format.

The law also requires most healthcare organizations to have implemented a security management process that includes policies and procedures to prevent, detect, contain, and correct security violations through performance of an accurate and thorough analysis of the potential risks and vulnerabilities to the confidentiality, integrity, and availability of electronic protected health information held by the covered entity or business associate. In simple terms, a security risk assessment focused on the HIPAA standards is required on a regular basis to verify appropriate management of, and compliance with, these regulations.

The BluTinuity team has assessed, planned, implemented, managed, audited, and optimized security, systems, processes, and controls in large and critical access hospitals, physician clinics, surgery centers, mental & behavioral health providers, a crisis hotline provider, home health providers, dental practices, physical therapy clinics, regional and national long-term care providers, pharmaceutical manufacturers, pharmaceutical disposal / supply chain providers, blood centers, benefit managers, insurance, healthcare financing organizations, accountable care organizations (ACOs), healthcare cooperatives, health information exchanges, healthcare software vendors, social services agencies, and government health departments. We look forward to assisting your organization with its healthcare compliance and HIPAA management in the following specific domains:
  • HIPAA Security Risk Assessment
  • Meaningful Use Risk Assessment
  • Comprehensive IT Risk Assessment
  • HIPAA Security Audit Preparation
  • Administrative Safeguard Assessment
  • Physical Safeguard Assessment
  • Technical Safeguard Assessment
  • Part Time / Interim HIPAA Security Officer
  • Part Time / Interim HIPAA Privacy Officer
  • Healthcare / EHR System HIPAA Capabilities Assessment
  • Business Associate Agreement (BAA) Audit and Management
  • Vendor / Business Partner BAA Validation
  • HIPAA Compliance Consulting
  • HIPAA Remediation Planning
  • HIPAA Compliance Project Management
  • IT Security Project Management
  • HIPAA Policies & Procedures
  • Mock Security Breach Incident Scenario Exercises
  • Security Breach Notification Planning & Tracking
  • Incident Response Plans
  • Contingency Plans
  • Data Backup Plans
  • Disaster Recovery Plans
  • Emergency Mode Operation Plans
  • Testing & Revision Procedures
  • Applications & Data Criticality Analysis
  • NIST EHR Testing for Meaningful Use Self-Certification
  • Business Associate Agreement Management
  • EHR Certification Readiness Roadmap
  • Healthcare System Selection (EHR, Practice Management, Billing/Finance, Lab, Radiology, Therapy)
  • Healthcare Custom Software Development
Please contact us to see how BluTinuity can help with your healthcare information technology and HIPAA compliance needs.