Welcome to HIPAA Compliance Services, your HIPAA regulatory compliance experts.
We are available to act as a resource and answer your questions or assist with your concerns. Call Dr. Talcott at 469.371.8804 or email firstname.lastname@example.org.
The MSCA has arranged for HIPAA Compliance Services to provide this page to help association members identify the most important features of a HIPAA compliance program and to offer resources for implementing and maintaining such a program. Dr. Talcott has agreed to answer HIPAA questions for our members as an added benefit to you for supporting the Association! Watch for live events and HIPAA-related webinars in our state!
Critical features of a HIPAA program:
1. Having adequate written policies
2. Appropriately educating your workforce
3. Completing a compliant risk analysis & ISAR (Both demanded in ALL government audits)
4. Performing multiple required internal audits and evaluations on an annual or more frequent basis
5. Assuring that you have met all government standards listed on this page
Most problems experienced by doctors today arise from being caught unaware of the massive increase in breaches, which has led to public demand for protection and, in turn, record-breaking increases in enforcement. Doctors simply don’t know what they don’t know!
Because of ever-increasing HIPAA enforcement of WILLFUL NEGLECT and the associated fines of $50,000 – $1.5 million, it is now more important than ever to determine your level of compliance.
The recommended starting place for most doctors or compliance officers is ‘Get Your HIPAA Score’, a FREE 20-minute evaluation to help you determine deficiencies that may exist in your HIPAA Compliance Program.
Many chiropractors from Missouri have been audited and most were not adequately prepared. In the event that you would like assistance in managing deficiencies, we have made The HIPAA Survival Kit available at special pricing for members of the Missouri State Chiropractic Association! Click here for information about the HIPAA Survival Kit!
Simply enter the discount code provided by the Missouri State Chiropractic Association (MSCA) at CHECKOUT for substantial savings ($100!!) on the HIPAA Survival Kit – the easiest and most cost-effective solution for all of your HIPAA needs!
HIPAA Compliance Services is often asked what types of services are offered and how they differ.
As a quick description of our different programs:
Bronze: this program uses the HIPAA Survival Kit with its self-guided workbook, training CDs for your staff to follow, and document CDs from which you can customize the required documents, policies, risk analysis, ISAR, contingency plans and other required components of a HIPAA program.
Silver: with this program we ask you questions via email and/or phone, then author all of those documents for you and present you with final copies in electronic and hard-copy form. This is often a 500- to 700-page completed HIPAA compliance manual! You also receive a complimentary copy of the HIPAA Survival Kit as an ongoing resource.
The cost of this program is three equal payments of $599 each. This is our most popular program as it takes the least doctor and staff time and is affordable for most clinics.
Gold: with this program you get everything in the Bronze and Silver programs, plus we come on site and train your compliance officer face-to-face, train your staff in person, do a physical plant walk-through/inspection and provide extended support.
The cost of this program is typically $4,000-$5,000 plus expenses, but it can vary greatly with circumstances such as the number of locations, number of doctors, number of licensed professionals and, at times, even whether we are already in your state or area providing training or speaking at events (that can reduce expenses). This is typically for the elite practice whose circumstances indicate it would lose more money by diverting doctor and/or staff time from seeing patients and building the practice than the Gold program would cost. For the right clinic this is a blessing, but it is cost-prohibitive for many.
If your practice is of this status you will need to obtain a final quote.
After purchasing Dr. Ty Talcott’s “HIPAA Survival Kit”, I immediately started going through the book and CDs provided in the kit in the order recommended and found the process to be very systematic and easy to follow. By using the Survival Kit, I was able to break down an overwhelming project into easy step-by-step instructions. Yes, there was work to be done and discussions to be had in the office, but it was manageable. In fact, I enjoyed it. We now know that our systems are much tighter, our policies and procedures are more complete, and that we are doing everything in our power to protect our patients’ information. Thanks, Dr. Talcott, for sharing your knowledge.
Kathy Hoff, Overland Park, KS – Director of Community Relations/ Certified Wellness Coach
The “Kit” is designed to simplify the required ‘standards’ into a format that answers the question, “What do I do?” and then provides step-by-step guidance. HIPAA Compliance Services also provides on-site installation services – call for a quote.
Offered for your convenience: the government-stated required HIPAA standards that must be met by every physician office.
Security Management Process: 164.308(a)(1)
Risk Analysis (REQUIRED)
Risk Management (REQUIRED)
Sanction Policy (REQUIRED)
Information System Activity Review (REQUIRED)
Assigned Security Responsibility: 164.308(a)(2) (REQUIRED)
Workforce Security: 164.308(a)(3)
Authorization and/or Supervision (ADDRESSABLE)
Workforce Clearance Procedure (ADDRESSABLE)
Termination Procedures (ADDRESSABLE)
Information Access Management: 164.308(a)(4)
Isolating Health Care Clearinghouse Functions (REQUIRED)
Access Authorization (ADDRESSABLE)
Access Establishment and Modification (ADDRESSABLE)
Security Awareness and Training: 164.308(a)(5)
Security Reminders (ADDRESSABLE)
Protection from Malicious Software (ADDRESSABLE)
Log-in Monitoring (ADDRESSABLE)
Password Management (ADDRESSABLE)
Security Incident Procedures: 164.308(a)(6)
Response and Reporting (REQUIRED)
Contingency Plan: 164.308(a)(7)
Data Backup Plan (REQUIRED)
Disaster Recovery Plan (REQUIRED)
Emergency Mode Operation Plan (REQUIRED)
Testing and Revision Procedures (ADDRESSABLE)
Applications and Data Criticality Analysis (ADDRESSABLE)
Evaluation: 164.308(a)(8) (REQUIRED)
Business Associate Contracts & Other Arrangements: 164.308(b)(1)
Written Contract or Other Arrangements (REQUIRED)
Facility Access Controls: 164.310(a)(1)
Contingency Operations (ADDRESSABLE)
Facility Security Plan (ADDRESSABLE)
Access Control and Validation Procedures (ADDRESSABLE)
Maintenance Records (ADDRESSABLE)
Workstation Use: 164.310(b) (REQUIRED)
Workstation Security: 164.310(c) (REQUIRED)
Device and Media Controls: 164.310(d)(1)
Media Re-use (REQUIRED)
Data Backup and Storage (ADDRESSABLE)
Access Controls: 164.312(a)(1)
Unique User Identification (REQUIRED)
Emergency Access Procedure (REQUIRED)
Automatic Logoff (ADDRESSABLE)
Encryption and Decryption (ADDRESSABLE)
Audit Controls: 164.312(b) (REQUIRED)
Mechanism to Authenticate Electronic Protected Health Information (ADDRESSABLE)
Person or Entity Authentication: 164.312(d) (REQUIRED)
Transmission Security: 164.312(e)(1)
Integrity Controls (ADDRESSABLE)
For additional information, check out our blog!