join us on facebook
The Saturn Partners, Inc. | Saturn Partners Topics include: HIPAA Compliance, NERC and SCADA.
4774
single,single-post,postid-4774,single-format-standard,ajax_fade,page_not_loaded,smooth_scroll,,wpb-js-composer js-comp-ver-3.6.12,vc_responsive

Blog

HIPAA rules

The Saturn Partners, Inc. offers a complete security audit for your health care IT environment. Whether you are a small clinic or large hospital, you know there are compliance standards you must maintain for the protection of PHI.

 

In addition, as an health care compliance officer, IT Direction, VP of Operations or Security, you are well aware of the daily threats to the privacy and security of your proprietary applications, server, firewall and wireless traffic.

 

We are experienced in taking the security standards below and performing an in depth on and offsite series of tests, social engineering, policy and emergency preparedness reviews in order to evaluate levels of overall security in the network environment.

 

Then we prepare a customized security and compliance program, working with your budget and management team, to ensure that your environment will show complete compliance to all of the applicable HIPAA standards as it applies to security of your PHI, infrastructure and network environment.

 

164.306(a)(1)

164.306(a)(2)

164.306(a)(3)

Security standards: General rules.

(a) General requirements. Covered entities

must do the following:

(1) Ensure the confidentiality, integrity, and availability of all electronic protected health information the covered entity creates, receives, maintains,or transmits.

(2) Protect against any reasonably anticipated threats or hazards to the security or integrity of such information.

(3) Protect against any reasonably anticipated uses or disclosures of such information that are not permitted or required under subpart E of this part.

164.308 (a)(1)(i)(ii)(A) (a) A covered entity must, in accordance

with § 164.306:

(1)(i) Standard: Security management process. Implement policies and procedures to prevent, detect, contain, and correct security violations.

(ii) Implementation specifications:

(A) Risk analysis (Required). Conduct an accurate and thorough assessment of the potential risks and vulnerabilities to the confidentiality, integrity, and availability of electronic protected health information held by the covered entity.

164.308(a)(1)(ii)(D) (D) Information system activity review

(Required). Implement procedures to regularly review records of information system activity, such as audit logs, access reports, and security incident tracking reports.

 

For more information, please send us an email at cacrawf@saturnpartners.com or contact us at 312-961-9469.

 

… The Saturn Partners… providing cutting edge network and critical infrastructure security and compliance solutions since 2002.”

Carole Crawford

AUTHOR - Carole Crawford

I have been in the IT Security industry for over 10 years and have extensive experiences working with a wide variety of companies like banks, hospitals, utilities, and more. When it comes to IT Security, Auditing, penetration testing, vulnerability assessments, and HIPAA compliance, you'd be hard-pressed to find more value in any other company.

No Comment

0

Post A Comment

Google