Easy HIPAA compliance for mid-sized anesthesiology practice
Understanding the HIPAA compliance concerns for a medical practice is imperative. You need to know what you can realistically do to become more compliant. Cash flow and budget are key concerns, but you are totally lost in regards to security, off-site backups and Disaster Recovery.
Onepath evaluated the current IT infrastructure via a Risk Assessment. Together, we determined the current policy and procedures manuals and security procedures and practices were inadequate and/or not followed. We also determined the current backup solution was not reliable and off-site storage was not happening.
From this, Onepath designed a security solution incorporating secure process for file access, remote access, session time out, password updates, and USB devices. We also designed an affordable backup solution with an off-site storage and disaster recovery plan, encrypted text and email solutions for specific users, and a current policy and procedure manual with plans to meet all identified areas of concern with a remediation solution.
The practice can now comfortably pass a HIPAA audit without fear of penalties. A security plan and procedure is in place to protect intellectual assets, and a business continuity plan is in place. And now, the practice manager no longer worries about security and focuses on patient care and profitability.