|
|
|
  Executive Summary: As a business associate and busy MTSO owner, you know that compliance with regulatory requirements such as HITECH requires the establishment of a designated privacy officer. In fact, the penalties for noncompliance are significant and can essentially stop business in its tracks. One way to meet this requirement is to identify and hire an employee to perform this function. Another and more cost effective way to achieve this goal at a high level is to outsource this responsibility to a professional, credentialed privacy officer who becomes “your” privacy officer. A professional, credentialed resource dedicated to your organization who is part of your team, continually protecting your organization. We have already performed HIPAA training: This is great and a much-needed first step, but as you may know the rule change has brought many new and more comprehensive requirements along with ARRA and HITECH. Many business associates do a good job training new employees on HIPAA when they are hired, but new rules and significant penalties have increased the urgency in keeping awareness high, refreshing the message and updating employees as new changes take place. Policies and procedures must be detailed and cover very specific sections of the rule. Items such as a sanction policy and so many others must be addressed, documented and upheld consistently in every case. How important is it? This is a critical responsibility that many business associate MTSOs know needs to be done, but identifying the right individual to be knowledgeable in this area is challenging, particularly with the expense in bringing on additional expert staff. The last thing that any business can afford now is to be asked to produce their policies and procedures, their current, updated risk assessment, or respond to an immediate audit request for a list of patients and not be able to do this. It can erode client confidence levels and put your firm at risk. Is this something you can afford to delay any longer? The solution: By working with Privacy Officer Services (POS), your dedicated privacy officer is available to help your organization meet and exceed the demands of HITECH and compliance at the Federal level, with state requirements, along with hospital specific regulations to give you that peace of mind you need. Gain the assurance you need to know that when external audits or reviews are required by your client partners or by the Department of Health and Human Services Office of Civil Rights (OCR), they will be met with confidence. |
|
|
|
|
|
