Business Associates Could Be Subject To HIPAA Compliance Audits
A recent push for HIPAA compliance could affect businesses associated with providing billing and other services to the healthcare industry.
It was announced last month that the government awarded $9.2 million in outside auditing contracts to two companies to conduct 150 HIPAA compliance audits on health care companies and organizations of all sizes. It is uncertain whether BAs (business associates) will be subject to auditing as a result of their relationship with health care providers.
Susan McAndrew, JD, Deputy Director for Health Information Privacy (HIP), Office for Civil Rights (OCR) at the US Department of Health and Human Services (HHS), said, “OCR has not yet determined whether it will audit business associates in addition to covered entities during the audits that are anticipated to take place in 2012.”
HIPAA – the Health Insurance Portability and Accountability Act – was established to protect patients’ identifiable information and other sensitive data from being tampered with, stolen or accessed by unauthorized individuals. Penalties for HIPAA non-compliance can be costly and increase for every infraction or data record that is breached.
In addition to offline precautions that the health care industry must abide by – like securing network computers from theft or unauthorized access and disposing of patient records securely – online communications must be secured to protect against interception of this private data.
Although it might seem complicated and overwhelming to make the online division of your healthcare business HIPAA compliant, the solution is actually quite easy. MostHost, through strong partnerships with industry leaders, is able to provide secure Email services so that your business encrypts all information sent by email, CD/DVD and USB, as well as information uploaded to the internet; secures information sent from 3rd party clinical systems; and encrypts all Patient Identifiable Information (PII). The service offers seamless integration with healthcare email systems and complies with NHS security policy, Data Protection (Health) Regulations, the EU Data Protection Directive, HIPAA and Local Data Protection Acts.
These centrally administered security policies enforce that all sensitive information sent by email is secured, and offer true end-to-end security with non-repudiation, fast deployment and easy setup.
Key management procedures can be configured to store email in encrypted form and secure against internal threats. Another attractive benefit of our HIPAA compliant Email security solution is the low cost of ownership for administrators. As well as encrypting all data that is sent from your organization, all incoming mail is scanned for spam, viruses, phishing attempts and other Email communications that could put your corporate or non-profit computer network at risk.
A wise saying goes, “an ounce of prevention is worth a pound of cure,” so ensuring that your health care business, organization or non-profit is HIPAA compliant is of utmost importance to protect your valued patients and your business assets.