HIPAA Compliance for small health care practices. Really? You can do that?
Absolutely! Work with trusted advisors and become HIPAA compliant.
Seems like the headlines about HIPAA are not very good
Headlines announce very large (enterprise) health care practices that are not HIPAA compliant or are out of compliance, e.g. Blue Cross Blue Shield of Tennessee or New York City Health and Hospitals Corporation. These are very large health care practices with the staff and money for HIPAA compliance, yet they were fined for data breaches of protected health information (PHI). Their brands have been tarnished and their reputations need rebuilding.
But what about small health care practices and HIPAA compliance?
- You mean the small practices, providing world class health care to a smaller (non-enterprise) community of patients, with limited resources and just a few dedicated doctors and staff? Yes.
- The small health care practices that don’t have the money to undertake the daunting task of becoming compliant? Yes.
- You mean small health care practices that don’t have a HIPAA Compliance Officer on staff? Yes.
Does this describe your practice?
Well . . . consider this. What if you had someone to help you become HIPAA compliant? Someone to provide the expertise you need, to get you going. Someone who will help you get there, and then stay there with you, after you’re compliant?
That someone could be DTS InfoTech, an IT Support company. A computer company that’s dedicated to HIPAA compliance and a culture of compliance.
A brief history
Back in the day and without a single thought regarding HIPAA compliance, DTS InfoTech started supporting small health care practices.
But those thoughts changed when the government made changes and imposed rules stating IT Support companies were considered business associates of health care practices and therefore had to be compliant.
We researched the HIPAA Final Omnibus Rule on the U.S. Department of Health and Human Services (HHS) website and found that security obligations are now directly imposed on business associates, along with some privacy obligations. This means your IT company must be HIPAA compliant.
Moreover, the Omnibus Rule’s change in the definition of “business associate” created new compliance obligations.
Ah ha! New obligations: code for government regulations. Full disclosure here – we did not agree (long story) with the Final Omnibus Rule regarding the business associate’s relationship with covered entities (CE). But that’s not our decision to make.
Like it or not, HIPAA had become part of our world
Our first thought was, “We’re a small company for crying out loud! We are NOT Blue Cross Blue Shield of Tennessee, or New York City Health and Hospitals Corporation. We don’t have a budget for HIPAA compliance, or experienced health care staff to take on a project as big and complex as HIPAA compliance.”
But as a business associate to our health care customers, a decision had to be made and there were two choices:
Become HIPAA compliant, or get out of health care . . . walk away from our established medical client base
Our decision? Continue maintaining the computer networks of our health care practices and immediately begin a HIPAA Compliance Initiative.
We only share that bit of history to put some context into our offer.
Many small health care practices are struggling with HIPAA . . . we can help
Since we began our compliance initiative almost two years ago, we’ve learned a lot about HIPAA and compliance. One of the things we’re very encouraged about is this: we are not alone. In fact, far from it. And based upon our experience with HIPAA, we can help.
We learned that the Office of Civil Rights is the enforcement arm of the HHS. They audited 115 covered entities under the Phase 1 Audit program and found that the “smallest covered entities were found to struggle with compliance under all three of the HIPAA Standards.” And “greater than 60% of the findings or observations were Security Standard violations . . .”
If your practice is struggling with HIPAA compliance, specifically the Security Standard, why not join forces with the computer experts at DTS, who are becoming HIPAA compliant and creating a culture of HIPAA compliance?
Get some help. It makes a lot of sense when you think about it.
Stop worrying about your computers and HIPAA Compliance with one phone call
Why trust DTS? Our customers say it the best.
“Our small business needs proficient, honest and sensible service. As a small business cannot be proficient in all areas, we must rely on DTS to provide the best options and solutions. Through the years our company has benefited by having a reliable, trustworthy computer system. Bottom line… We can come to work and get work done.”
Olson & Jones Construction Inc.
“I love working with DTS InfoTech!! This is a company who does what they say they will do. I find everyone at DTS to be trustworthy, honest and hardworking! I appreciate their communication style, expertise and knowledge. I can count on them and I can now rest easy in the matter of IT. I feel like I can finally breathe!!”
Customer Service / HR Manager
Indemnity Excess & Surplus Agency, Inc.
“DTS InfoTech provided us with the ability to look beyond what we had been doing and show us how we could do things better, more efficiently and less expensively. The month after month of carefree computer service is wonderful. DTS has made our life a lot less complicated and has provided us with the confidence that one part of our business is definitely under control.”
The Cox Group
What you should do
Pick up the phone and call DTS and get the help you need from trusted advisors on your HIPAA Compliance Initiative. Plus you’ll get help with the proper care and feeding of your computer network.
We love to chat about this; the call is free and we’re not salesmen. 503.359.1275
If you’re not comfortable with a phone call, you can read our blog and get to know us by downloading our two FREE eBooks:
These books are very informative, non-technical resources on backing up your data and hiring computer consultants.
And don’t worry, no one will call you from our office just because you download a resource. I promise. You may get an occasional email, but we know your time is valuable and we won’t waste it with junk mail.
Dedicated to your success,
HIPAA Compliance Officer
DTS InfoTech . . . computer networks that work