HIPAA / HITECH Assessment
People expect any information relating to their health records to be protected and safeguarded against any attempt of compromise. The Health Insurance Portability and Accountability Act (HIPAA), along with the Health Information Technology for Economic and Clinical Health (HITECH) Act have outlined acceptable measures companies that store, handle, or process electronically protected health information (ePHI) must adhere to. Who is a covered entity, what information is protected, and the safeguards that must be in place to ensure the HIPAA Security Rule is properly followed. HIPAA, in general, applies only to covered entities – primarily health plans, health care clearinghouses and health care providers. The HITECH Act of 2009 expanded the responsibilities of business associates of the covered entities. It addresses requirements for service organizations acting as vendors and providing services to the covered entities, and therefore have access to ePHI. Even if you are not a covered entity, but are a vendor to the covered entity and have access to their ePHI you are likely subject to the requirements under HIPAA/HITECH.
EZITconnect has prepared numerous organizations to undergo and maintain their HIPAA attestation. If you are questioning whether your company is HIPAA/HITECH compliant contact us.