When a provider or practice manager finally gives serious consideration to their HIPAA compliance needs, even with the best of intentions, a clinic often overlooks or fails to implement essential components of HIPAA compliance. That is why we have created a customized program that includes a full installation of crucial elements of a HIPAA program that, at the same time, trains your team member on how to be the compliance officer.
Between your assigned, certified specialist and your appointed Compliance Officer and providers, the program is customized specifically for your practice needs. Think of your great-grandmother’s handstitched quilt she made many years ago, and how the careful stitching tightly holds the quilt together still today. Often, cookie-cutter patterns built by machines have increased vulnerabilities as a missed stitch can unravel the entire piece. We will keep our eyes on every stitch, making sure to provide the masterpiece you need to be HIPAA compliant. While you seek to preserve the quilt with preventive measures, we will teach you how to maintain and care for your HIPAA program.
During the implementation program, the KMC University specialist will carry the load by analyzing data, tracking Protected Health Information (PHI) in your clinic, and identifying vulnerabilities. We then create and customize each form, log, and policy your clinic needs to be compliant. Because our compliance team is certified and trained, we will serve as your compliance officer during this time, taking the anxiety and worry off your shoulders. You can trust your HIPAA compliance needs to a company that has a reputation for compliance excellence.
- Customized HIPAA Compliance Manual for your practice-physical and/or digital
- A comprehensive baseline HIPAA Security Risk Assessment, and follow-up assessments during the implementation period
- A complete tracking of PHI in the clinic
- Identification of all vendors who qualify as Business Associates, requiring special handling
- Personalized, compliant Business Associate Agreement templates, and signed agreements with all applicable vendors
- Personalized and compliant Notice of Privacy Practices, up to the new standards implemented after HIPAA Omnibus
- Processes, policies, and procedures necessary to respond to privacy related patient requests such as records requests, amendments and restriction of disclosure
- Audits of all devices and applications on which PHI resides
- Role-Based Access Assignments developed and documented
- Training and Equipping Staff for HIPAA Risk Management
- Written Contingency Plans Based on Security Risk Analysis Threats and Vulnerabilities
- Risk Action Assignments with clear target dates
- HIPAA Training for all workforce members
- Necessary Confidentiality Agreements for all workforce members
- Structured Guidance and Policy to resolve and minimize Security Risks
If you have some type of HIPAA program in place, even if it’s out of date, we prefer to start with a discovery review so we can meet you where you are. After that review, we can make recommendations as to what is necessary to safely knit all the pieces of your HIPAA quilt together for your safety and peace of mind.
Ready to get started with the review? Click here
Thank you so much for reaching out to me. You made my day! Covid has rocked my practice as I have had to change most things about practicing. Not a bad thing, just new. To know that you and your team still strive to continually improve and stay on top of a tumultuous environment, is truly inspiring. Thank you all for being the heroes we didn't even know we needed