The Health Insurance Portability and Accountability Act (HIPAA) of 1996 and the recent Health Information Technology for Economic and Clinical Health Act (HITECH) of 2009 were both enacted by the U.S. Congress to promote the privacy of patient healthcare information and to address the security concerns associated with it. These Acts are highly complex government regulations that have changed the way organizations record, store and process patient records. Have you assessed how the recent enforcement of the HITECH Act affects your organization?

Benefits of Complying with HIPAA

The Department of Health and Human Services is authorized by the HITECH Act to perform periodic compliance audits and enforce penalties with fines ranging from $25K to $1.5M for cases of “willful neglect.” It’s important for healthcare information technology and security professionals to understand how to implement the right structure to meet these compliance requirements and protect electronic health records accordingly.

Initial Steps to Becoming Compliant

  1. Understand your Protected Health Information (PHI) data: Assess what kind of data you maintain, where it resides, and how it is transmitted within your organization and to third parties.
  2. Understand who has access to PHI data: Security breaches commonly start within your organization. Have you taken into account best hiring/screening practices and appropriate training of personnel?
  3. Evaluate vendors: Are you aware of all vendors who may have access to PHI? Have you taken precautions to limit your risk with vendors?
  4. Develop a response plan for incidents or violations of HIPAA privacy.

Skoda Minotti Risk Advisory Services

Our concept is to bridge the gap for our clients from wanting to comply to becoming compliant. Skoda Minotti Risk Advisory Services delivers cost-effective solutions that meet your organization’s needs by understanding the regulatory pressures and the demands within your industry. Each of our compliance initiatives is customized and designed to assist your company in a seamless process from the time we initiate the project to finalizing a roadmap for compliance. Each organization that handles healthcare information is unique, and we possess the necessary knowledge related to HIPAA Security to assess your company’s risk and to provide guidance to your organization.

Need a roadmap to compliance? Contact Skoda Minotti Risk Advisory Services today to understand how we can assist you in becoming HIPAA compliant.


Assurance Concepts is now Skoda Minotti Risk Advisory Services.