HIPAA Compliance and Managed IT Services

HIPAA security established a rule for national standards to protect electronic personal health information (ePHI) by covered entities and their business associates. The security safeguards were put forth to ensure the confidentiality and security of ePHI.

By September 23, 2013, HIPAA/HITECH was in full effect with requirements to implement and update security policies and procedures, and to update HIPAA privacy notes and conduct training. Other dates for the new security rules were:

April 8, 2014 – End of support for Windows XP and Exchange 2003
July 14, 2015 – End of support for Windows Server 2003
January 1, 2015 – Meaningful use penalties for Medicare providers

meeting the standards of HIPAA security
You are open to compliance violations if:
  • You send emails to patients WITHOUT utilizing encryption software.
  • You’re still using software which is no longer supported by Microsoft with security patches (such as Windows XP or Exchange 2003).
  • Your computer and server are NOT encrypted.
  • Your systems administration does not have proper HIPAA policies and procedures documented.
HIPAA compliant documents

Also required is a signed Business Associate Agreement with your IT vendor. This HIPAA-compliant document establishes parameters for use of ePHI by clearly defining the business associate’s role in working with healthcare data. It sets forth limitations such as prohibiting the third-party from any forms of use or disclosure not stated in the agreement. It also outlines security requirements to guard against any unauthorized use or disclosure.

At Data Fast, we provide IT solutions specifically designed for HIPAA security. We provide priority support and actively manage:

  • Antivirus Software
  • Software Patching
  • Firewall Security
  • Server Data Backup
  • Server Disaster Recovery
  • Offsite Data Replication
  • VPN (virtual private network) Connectivity
  • Email Filtering
  • Email Continuity
  • Mobile Device Management (MDM)
  • HIPAA Security Risk Assessments (where applicable)

To find out how we can meet the standards of HIPAA security through compliance management and audit controls for your business, give us a call today!