Brainlink's
history of working with medical information and the healthcare industry
gives us a unique and extensive understanding of complying with HIPAA
and the wide range of self-regulatory guidelines in use in the
healthcare, pharmaceutical and Internet industries.
The four major building blocks of a HIPAA-compliant, security-conscious environment:
Technical
security ensures the integrity of all applications, databases and
infrastructure. This includes hardware, software and network security.
Process Security protects the continuity and integrity of information as it moves through your organization.
Operations
Security focuses on the safety of backups and recovery while also
looking at how information feeds to and from your business partners and
other third party sources.
Administrative Security
centers on the development of your organization's security policies and
objectives as well as the procedures for handling them. This includes
such key issues as "Chain of Trust" development, disaster recovery
planning, compliance officer selection and other security-focused
business decisions.
Brainlink
does not see HIPAA as an obstacle but as an excellent opportunity to
build a robust security architecture that benefits not just the
healthcare industry, but anyone interested in a complete and
comprehensive security environment. HIPAA may seem restrictive, but is
really just good business sense, even without considering the stiff
penalties for non-compliance.
Brainlink's HIPAA compliance services are always customized to meet the client's needs, and include:
Gap Assessment
- In the gap assessment process Brainlink looks at all aspects of your
operation, including technology, policies, procedures and practices, to
ascertain where your company deviates from HIPAA compliance.
Risk Assessment
- Working from the gap assessment document, Brainlink then examines and
weighs the risks these gaps pose. Some HIPAA violations can carry
higher penalties than others. Additionally some HIPAA violations put
you at a much grater risk for lawsuits than others. From this
assessment, we're able to generate a remediation plan, which proposes
solutions to your HIPAA problems designed to close your most serious
gaps first, allowing your company to spend its limited HIPAA dollars in
the most effective way possible.
Remediation
- During the remediation process, Brainlink will help you improve your
current technologies and, in some cases, install new ones.
Additionally, we will work with your staff to make sure your policies,
practices and procedures are all in alignment with each other and the
HIPAA regulations.
Education - Education is
critical to HIPAA compliance. Through its pyramidal learning approach,
Brainlink helps your key staff develop the HIPAA training program that
will be most effective within your organization while also providing
high-level, detailed one-on-one training to those staff members with
direct responsibility under HIPAA, such as your chief privacy officer
(a HIPAA requirement), technology, legal, public affairs, and public
and consumer relations staffs.
