800-810-1885

HIPAA, HITECH, & HITRUST

Dramatic changes are taking place in the protection of Private Health Information (PHI). The HIPAA Security Rule has been in effect since 2003; however, in 2009, Health and Human Services (HHS) added “business associate” to the entities that must comply with the HIPAA Act of 1996. In addition, the FTC and HHS, as part of the American Recovery and Reinvestment Act of 2009 known as the HITECH Act, included breach notification requirements for all covered entities under HIPAA.

What does this mean to healthcare organizations?

  • It expands the covered entities that now must comply with the HIPAA Security Rule.
  • Along with providing an incentive for the adoption of electronic medical records as a result of the HITECH Act, the change adds penalties should there be a breach involving PHI.
  • Oversight for the enforcement of the HIPAA Security Rule has been transferred from HHS to the FTC, which has a strong history of imposing penalties for non-compliance.

HITRUST

Developed in collaboration with healthcare and information security professionals, the Common Security Framework (CSF) is the first IT security framework developed specifically for healthcare information. Unlike previous healthcare security initiatives, HITRUST provides a clear set of assessment guidelines for healthcare organizations.

Sword & Shield is one of just a handful of companies authorized as a HITRUST CSF Assessor.

How We Can Help with HIPAA, HITECH & Meaningful Use

Sword & Shield’s Compliance Shield provides a risk based approach to help organizations comply with the HIPAA Security Rule while focusing on areas vulnerable to the HITECH Rule. A Sword & Shield risk assessment and corrective action plan will assist you in confidently applying for Meaningful Use funds.

  • Phase I provides a risk assessment involving people, policies, processes and technology, a detailed gap analysis against HIPAA Security Rule and HITECH and produces a detailed remediation plan or road-map to becoming secure and compliant.
  • Phase II is known as “Closing the Gap.” At this stage, Sword & Shield partners with our client to achieve compliance.
  • Phase III is continuous monitoring. We develop a plan to monitor compliance as regulations, people, processes, applications and technology change to ensure compliance and security are maintained.

Healthcare Resources

  • A Guide for Implementing HIPAA
  • HITRUST Alliance
  • Healthcare Information Security News
  • Whitepaper: The HITECH Balancing Act
  • HIPAA FAQ

Questions Our Reports Answer

  • Are you compliant with HIPAA or HITRUST Security Rules?
  • What are your risks associated with protecting PHI?
  • Can a hacker get to your PHI?
  • How do I prioritize my resources (budget and time) in closing the gaps to become secure and compliant?
  • What do I need to do to maintain security and compliance on a continuous basis?

Find Out More

Sword & Shield has been outsmarting cyber-criminals and improving security for enterprises around the world since 1997. Fill out our Consultation Request form or contact us by phone so we can begin securing your future.

U.S. Toll-free: 800-810-1885

International: 865-244-3500

Request a Consultation

 

Sales answers requests within 1 business day and usually within a few hours.

 


  • About Sword & Shield

    Since 1997 Sword & Shield has been the trusted information security partner for 3000 clients in 50 states and 27 countries around the globe.

    We offer comprehensive computer network security services and IT regulatory compliance for business and government. Let us help secure your future.
