Company Description
HIPAA requires IT Service Providers to be HIPAA Compliant
The Health Insurance Portability and Accountability Act (HIPAA) is a very complex set of regulations and requirements governing how covered entities (doctor offices, health organizations, hospitals, etc.) protect and manage protected health information (PHI). Traditionally, when we discuss HIPAA, we instantly think about the compliance requirements placed on covered entities.
A lesser-known portion of the law requires any party that possesses or accesses a HIPAA covered entity’s PHI to comply and safeguard data to the same standards as the covered entity. In layman’s terms, IT service providers must comply with HIPAA.
Bear Bones IT Takes HIPAA Compliance Seriously
The requirements under HIPAA are extensive! To make sure that our services and products are HIPAA compliant, we have partnered with third-party experts. Our management team works with these experts to make sure the following happens on a regular basis:
Policies and procedures – we have extensive documentation to ensure that our team remains HIPAA compliant. These written policies and procedures have been reviewed by legal teams and determined to meet the standards set by HIPAA. Our entire team is required to read and acknowledge understanding of these policies.
Annual risk assessments – we hire a third-party team to perform a risk assessment on all systems, policies, procedures, and technologies in use by Bear Bones IT. The results of this assessment are provided to management, and actionable steps are taken to make sure that any risks are promptly dealt with.
Ongoing HIPAA training – every member of the Bear Bones IT team is required to go through a HIPAA training program at regular intervals. The program covers the latest changes to regulations and requirements under HIPAA. Constant training ensures that our team is aware and knowledgeable about HIPAA requirements.