HIPAA Compliance is an Ongoing Process
By Stephen Trout, HIPAA Blog

Congratulations, you’ve made a wise choice to entrust your sensitive data to a proven, HIPAA compliant hosting specialist like HIPAA Vault! But wait – in terms of overall compliance, what does that really mean?

It does mean that the technical infrastructure we employ to host your sensitive data is fully compliant – expertly designed with multiple layers of security to protect your ePHI both in storage and in transit. Years of security and hosting expertise along with dedicated, live customer service work together to make “the HIPAA Vault difference.” 

What it doesn’t mean is that your organization as a whole is therefore HIPAA compliant. This is a vital distinction to make. In fact, the welfare of your data and your organization depends on knowing the difference. 

What do we mean?

The following illustration may help: you’re driving down the highway at 65 mph, cars whizzing by on either side of you. You feel confident that you’ll remain safe and secure in your vehicle since you just had a complete, end-to-end safety inspection, performed by your trusted mechanic. 

But let’s say – for one reason or another – you as the driver lack certain skills to respond well to the formidable challenges of highway driving. Maybe you’re unskilled in dealing with aggressive drivers.  Maybe you also lack the know-how to pilot your car safely through inclement weather.

Maybe you’re also carrying passengers who are displaying unsafe behaviors, such as teens who like to move around and lean over the seat to adjust the radio instead of staying in their seat belts.

Such distractions may impact your ability to keep yourself and your passengers safe, and may in fact be devastating (God forbid) if they cause you to lose control – despite those technical safety checks that deemed your vehicle safe. This is why you as a driver are required by law to be tested – both behind the wheel and with a written test.

Achieving HIPAA compliance is like that. No doubt, the technical “machinery” (your hosting infrastructure, with firewalls, etc.) – like your car – matters greatly for protecting those inside (your “passengers,” or customer data), but unless the users (you, and others who drive your vehicle – i.e., company staff with access, including business associates) are compliant and exhibit safe behaviors, all may be lost.

So what are these “testing requirements” that are necessary for HIPAA compliance?

If you’re just beginning the process, HIPAA Vault has a helpful checklist you can use as an introductory assessment. 

In addition, Compliancy Group – an excellent partner of HIPAA Vault whose expertise can help your organization become HIPAA compliant – reveals the following Seven Fundamental Elements of an Effective Compliance Program:

  1. Implementing written policies, procedures, and standards of conduct
  2. Designating a compliance officer and compliance committee
  3. Conducting effective training and education
  4. Developing effective lines of communication
  5. Conducting internal monitoring and auditing
  6. Enforcing standards through well-publicized disciplinary guidelines
  7. Responding promptly to detected offenses and undertaking corrective action

We know – understanding and implementing these seven things may seem overwhelming at first. It’s important to know that there’s a step-by-step process that can simplify things for you.

Want to learn more about HIPAA compliance? Give us a call: 760-290-3406, or look us up at www.hipaavault.com.

HIPAA Vault is the leading provider of HIPAA compliant solutions, enabling healthcare providers, business organizations, and government agencies to secure their protected health information from data breaches, threats, and security vulnerabilities. Customers trust HIPAA Vault to mitigate risk, actively monitor and protect their infrastructure, and ensure that systems stay online at all times. In addition to providing secure infrastructure and compliance for health companies, HIPAA Vault provides a full array of HIPAA solutions, including secure email, HIPAA compliant WordPress, secure file sharing, and more.