HIPAA Compliance and Consulting

Are you concerned about whether you, your practice, or your healthcare facility is in full compliance with HIPAA? These standards and accompanying rules are fairly complex, and even unknowingly violating HIPAA can mean suffering penalties. Having a partner like AllThings Must Have Consulting can protect you from costly litigation, penalties, and jail time. Even if you have an in-house HIPAA Privacy Officer, periodically consulting with a member of our team of professionals offers an added layer of protection. Two heads are better than one, and an extra pair of eyes can catch things the Privacy Officer may miss. Call AllThings Must Have Consulting to speak with a representative today.

What Is HIPAA?

The Health Insurance Portability and Accountability Act (HIPAA) of 1996 is a federal law that was designed to protect sensitive health information from being disclosed without the patient’s consent or knowledge. HIPAA required the creation of standards to this end and applies to covered entities (healthcare providers, health plans, healthcare clearinghouses, and business associates). HIPAA standards and rules are complex, and even unknowingly violating HIPAA can lead to costly penalties. Willful and criminal violations can bring penalties of hundreds of thousands of dollars as well as jail time.

The Privacy Rule and Security Rule

There are two primary components of HIPAA: the Privacy Rule and the Security Rule. The Privacy Rule addresses the use and disclosure of individuals’ protected health information (PHI) by covered entities. It also includes standards that allow the flow of health information needed to provide and promote high-quality health care. It strikes a sensitive balance that permits crucial use of information while protecting the privacy of patients.

The Security Rule further protects a subset of information covered by the Privacy Rule: health information that a covered entity creates, receives, maintains, and transmits in electronic form. The covered entities must:

  • Ensure the confidentiality, integrity, and availability of all electronic PHI
  • Detect and safeguard against anticipated threats to the security of the information
  • Protect against anticipated impermissible uses or disclosures
  • Certify compliance by their workforce

How We Help

HIPAA rules are complex and sensitive, and the penalties for breaching duties can be severe. Even the U.S. Department of Health & Human Services’ summary of the Privacy Rule is a couple of dozen pages long. AllThings Must Have will help you decipher the rules, perform a risk assessment, create policies and procedures, review business associate agreements, and train employees.

HIPAA rules can change, so it is important to stay up to date. AllThings Must Have will periodically schedule conference calls with you and keep in touch to update you on changes. Call us today to get started with an initial consultation on our services and how we can help.