ATLANTA, GA - February 7, 2013 - CompliancePoint, an information security consulting and services provider, announces the availability of its new service for the development of HIPAA policies and procedures. The Health Insurance Portability and Accountability Act (HIPAA) now includes the HIPAA Security, Privacy and Breach Rules that establishes national standards to protect individuals’ electronic personal health information that is created, received, used, or maintained by a covered entity. The compliance requirements of the HIPAA Security, Privacy and Breach Rules mandate a very specific set of policies and procedures to manage the administrative, physical and technical safeguards.
Complying with the HIPAA Rules as amended by the Health Information Technology for Electronic and Clinical Health (HITECH) Act involves many steps and considerations. A HIPAA/HITECH covered entity must implement in either written or electronic form its policies and procedures regarding personal health information (PHI).
"Knowing what policies need to be created, updated and communicated to those both inside and outside the organization is a daunting task," explains Jerry Wyble, Vice President and Practice Manager for CompliancePoint's Information Security practice group. "CompliancePoint's consultants work in conjunction with an organization's administrative and information technology staff to create the necessary documents. Our well-defined, proven consulting process includes information gathering, policy and procedure development, document review, and document release and implementation. The documents created through this service provide a foundation for demonstrating due diligence in compliance with HIPAA/HITECH standards. In addition, these documents provide clarity in employee communications and serve as a layer of defense against liabilities associated with misconduct."