HIPAA Compliance Services - Protostar
Flat Rate
Proactive
Constant
HIPAA Assistance
Audit Support
Peace Of Mind

HIPAA Compliance Made Easy

HIPAA compliance absorbs time, personnel, and other valuable resources from your organization. Protostar’s Elite Protection for HIPAA Compliance™ provides all the tools, expertise and coaching your organization needs to obtain, maintain and promote a culture of HIPAA compliance in an easy, incredibly affordable way.


Who must be HIPAA compliant?

The HIPAA Rules apply to two groups: covered entities and business associates. A covered entity is a health plan, health care clearinghouse or health care provider that electronically transmits any health information. Examples of covered entities are:

  • Doctors
  • Dentists
  • Pharmacies
  • Health insurance companies
  • Company health plans

A business associate is a person or entity that performs certain functions or activities that involve the use or disclosure of protected health information on behalf of, or provides services to, a covered entity. Examples of business associates (whose services involve access to PHI) are:

  • CPA
  • Attorney
  • IT providers
  • Billing and coding services
  • Laboratories

For more detailed information on the definition of a covered entity and business associate, visit the Department of Health and Human Services (HHS) website.

How We Help You

Everything You Need

Our HIPAA compliance solution includes everything from Policies & Procedures, (free) Checklists, BAAs and the Patient Consent form to everything else under the sun you need for HIPAA compliance, at one low monthly cost (or an even lower annual rate!).

Comprehensive Risk Assessments

A risk assessment is not enough for HIPAA compliance. We supply the Security, Physical and Administrative audits required by the HHS.

Engaging and Intuitive Training

Nobody likes watching dry videos or a four-hour PowerPoint on anything, let alone HIPAA. We give you the ability to effectively engage your employees and track the progress of their training, while fulfilling the federal training mandates.

HIPAA Highlights From Ten Thousand Feet

HIPAA Privacy Rule

The HIPAA Privacy Rule provides federal protections for personal health information and gives patients rights to their own protected health information (PHI). The Privacy Rule permits the disclosure of PHI needed for patient care and other important purposes. The Privacy Rule applies to all healthcare providers, including those who do not use an Electronic Health Record (EHR) system, and includes all mediums: electronic, paper, and oral.

Privacy Rule Basics:

  • Spells out administrative responsibilities
  • Discusses written agreements between covered entities and business associates
  • Discusses the need for privacy policies and procedures
  • Describes employer responsibilities to train workforce members and implement requirements regarding their use and disclosure of PHI

Privacy Rule Examples:

  • Train all employees on its privacy policies and procedures
  • Properly dispose of documents containing protected health information
  • Secure medical records with lock and key or pass code
  • Create a procedure so individuals know to whom they can submit a complaint about a covered entity’s compliance with the Privacy Rule

HIPAA Security Rule

The HIPAA Security Rule requires covered entities, business associates, and their subcontractors to become HIPAA compliant by implementing safeguards to protect electronic protected health information (ePHI) that is created, received, or maintained. It specifies a series of administrative, physical, and technical safeguards to ensure the confidentiality, integrity, and availability of ePHI. Most violations of the HIPAA Security Rule result from businesses not following policies and procedures to safeguard ePHI, thus preventing them from becoming HIPAA compliant.

Security Rule Basics:

  • Establishes a national set of security standards for ePHI
  • Protects health information held or transmitted in electronic form
  • Requires administrative, physical, and technical safeguards to secure ePHI
  • Supports the Privacy Rule requirement to reasonably safeguard PHI in all forms

Security Rule Examples:

  • Designate a security officer who is responsible for compliance
  • Create policies and procedures that explain proper use of workstations and electronic media
  • Ensure all employees have unique passwords
  • Limit physical access to the covered entity’s facilities
