Products now available in the HSG Store.
HIPAA Breach Notification Framework
Our HIPAA Breach Notification Framework walks you through the process of analyzing security incidents to determine what actions you must take to ensure your response complies with the HITECH Breach Notification requirements. The Framework discusses HITECH breach compliance in simple terms and uses twelve flowchart diagrams to help you navigate the process. It also includes tools and templates that help "jump start" your breach notification compliance initiative.
Business Associate Agreement: a HITECH Ready Model Contract
Our model Business Associate Agreement includes provisions that meet the requirements of HIPAA/HITECH and is fully annotated with links to the relevant statutory/regulatory authority that underpins each Contract clause. The Contract package also includes a complete "User's Guide," with a clause-by-clause explanation of the issues addressed in the Contract.
The Security Rule Under HITECH: a Business Associate Perspective First Edition
The most important step for building a "good SR compliance story" is for the business associate to get started. The approach in The Security Rule Under HITECH is to build the story iteratively over time. Most business associates (large or small) will likely need help in creating the story. The framework discussed throughout this document provides a good road map to follow.
HIPAA Core Training Combo
This package includes the Breach Notification Simplified Training Module, the HIPAA Privacy Rule under HITECH Training Module, the HIPAA Security Rule Under HITECH Training Module and the HITECH and HIPAA Compliant Training Module all in one Combo Package. Buy all 4 for a little more than the price of 3.
Join Our Mailing List
Interested in staying current on HITECH / HIPAA compliance issues? Click the "join our list" link above and receive your own copy of the newsletter each month.
Dear Carlos,
Welcome to our June 2014 HIPAA Compliance Newsletter.
Our article this month is entitled: Measuring HIPAA Compliance?
If you would like to "Look Inside" our Subscription Plan click here or watch the video below.
HIPAA Survival Guide Subscription Plan
ABCs of Launching a Compliance Initiative: Getting Started.
Date/Time
Thursday June 19, 2014 2:00 PM - 3:30 PM EDT
HSG Announcements
Join the Conversation
The HIPAA Survival Group on LinkedIn continues to be the go-to place for meaningful discussion of HITECH / HIPAA issues. You will find many industry thought leaders and insiders sharing their views on the evolving compliance landscape.
Stay Connected
Want to stay updated throughout the month? Follow Carlos on Twitter by clicking on the badge below. If you would like to read more regarding the authors' views on HIT and compliance click here and here and subscribe to their blogs.
Become a Fan
Follow us on Facebook by becoming a fan of the HIPAA Survival Guide. Also, be sure to check out our HITECH Videos.
Measuring HIPAA Compliance?
Let's assume, for the purposes of this article, that you are the compliance officer for your organization. Further, let's assume that for the good of the organization (and your own job) you have decided that it is high time you have that dreaded conversation with your boss regarding HITECH / HIPAA compliance, and how the organization could be found in "willful neglect" if it doesn't update its long since outdated HIPAA compliance initiative.
We are further assuming that your boss is not a "grouchy old doc" who frequently rants that he would rather go to jail than comply with HIPAA. If that is the case, however, then update your resume and "get out of Dodge" as fast as you can. Frankly, you probably should have left Dodge years ago, but it is not too late. Hopefully what you learn here will help you find a more enlightened boss.
Generally, any boss worth his/her salt is going to have some basic questions that you should anticipate and be prepared to answer. Among those questions may be the following:
- How much is this going to cost?
- How much of your time and staff time is this going to take?
- What's the probability that we will incur liability for non-compliance and what's a reasonable worst case scenario?
- How are we going to proceed (i.e. what's the plan)?
- How will we know if we have achieved our compliance objectives (i.e. how do we expect to measure HIPAA compliance)?
Finally, we are assuming that your organization has already purchased our Subscription Plan. This assumption is made out of convenience (and because we are "shameless marketeers"), so that we can provide "real world" answers to the first four questions and focus the discussion on the last.
How much will this cost?
There is no simple answer to this question for a number of reasons, including but not limited to, the following:
- Compliance is not a one-time project but a continuous process.
- There will likely be some enabling technologies and/or consultants required to help your organization with technical aspects of compliance (e.g. encryption).
- A large part of the cost of your compliance initiative depends on your organization's size (e.g. taking an inventory of assets for a five person organization is far less expensive than for a 500 person organization).
About Us
3Lions Publishing, Inc. is now the owner/operator of the HIPAA Survival Guide website and the official sponsor of this newsletter. Our mission is to bring you HITECH / HIPAA statutes and regulations in an easy to read and digestible format, products that help reduce the burden of compliance, and "news you can use" via our newsletter.
We take a partnering and collaborative approach to the marketplace. If you would like to see specific topics covered in this newsletter, or additional products, then please let us know.
Carlos Leyva, CEO 3Lions Publishing, Inc.
(800) 516-7903