OVERVIEW
The goal of HIPAAclarity consulting services is to ensure that your organization meets all HIPAA requirements. HIPAAclarity will help you get there. By completing the actions listed below, your organization will be fully “HIPAA compliant.” All services may be completed remotely, with your input and review.
RISK ASSESSMENT
The Risk Assessment is a key HIPAA requirement, and HIPAAclarity will provide it. We examine your technology environment, your operations, and your business procedures to make sure you fully meet all requirements. The deliverable is a written document, the Risk Assessment. It includes an inventory of Protected Health Information (PHI), and a clear identification of areas where you may fall short of requirements, or need improvement. With a strong background in healthcare and IT, HIPAAclarity can suggest practical remediation steps as needed.
HIPAA POLICIES and PROCEDURES
HIPAA also requires written Policies and Procedures (P&P) that describe compliant operating procedures. The P&P describes good technical, administrative, and management practices. Our deliverable is a written document customized for your organization. For smaller organizations, the P&P need not be lengthy, maybe a dozen pages or so.
THE BUSINESS ASSOCIATE AGREEMENT (BAA)
The Business Associate Agreement (BAA) is another key HIPAA requirement. This is a formal agreement between healthcare providers, Business Associates, and some key vendors. HIPAAclarity provides you a good working copy of the BAA, and explains your responsibilities for using it.
AWARENESS TRAINING
Awareness Training must be provided to members of your workforce. HIPAAclarity provides user-friendly training materials that may be distributed to any employee, along with a simple Quiz to validate receipt of training. HIPAA does not require workforce members to be “HIPAA experts,” but only to understand and be aware of the requirements.