Healthcare providers, health insurance agents, employers that provide health benefits, and business associates that see Protected Health Information must implement HIPAA compliance.
The technical portion of the required HIPAA risk assessment, which is part of the compliance process, can be confusing and challenging. The results of the assessment will often indicate the need to implement IT oriented protections for your company. Your IT vendor is required to be HIPAA compliant as a Business Associate or Business Associate Subcontractor. If your current provider of IT services is not familiar with HIPAA standards, you may have the problem of the proverbial blind leading the blind.
The solution? A HIPAA-compliant Managed Service Provider – sometimes referred to as an MSP. Jason Karn, Chief Compliance Office,Total HIPAA recently interviewed Greg Manson, Director of Audit and Compliance, at Carolinas IT, an MSP. The discussion covered what questions a company that must be HIPAA compliant needs to ask an MSP before hiring and how to properly manage that relationship.
You can listen to this episode of HIPAA Talk Podcast here.