HIPAA Privacy Consulting
HIPAA Compliance efforts provide several challenges to covered entities (CEs) and business associates (BAs). Compliance requires establishing a Privacy and Security official to oversee your efforts, developing policies and procedures, while implementing them through thorough training, among other steps. Failure to enact a complete program can be viewed as "willful neglect" by the Office for Civil Rights. With much to cover and accomplish – and your resources likely beyond capacity – it’s no wonder healthcare organizations do not want to risk a misstep.
Just Associates provides a host of HIPAA Privacy Consulting practices to help covered entities and business associates improve compliance and minimize exposure to unnecessary OCR fines and penalties. Our Consultants have experience in conducting risk assessments, providing policy/procedure content and developing staff training tools. Our consulting services provide guidance and support to assure that the action steps you set in place are defined and appropriately prioritized. During a typical engagement, the tools, references, materials, forms and resources needed to prepare CEs and BAs are provided and customized for your specific needs and situation. As health information privacy professionals, we thoroughly understand HIPAA requirements, stay current on the latest issues and best practices, and deliver optimal approaches for achieving your required compliance goals.
HIPAA Privacy Consulting Services for CEs and BAs:
- Conduct mock OCR compliance audits, with vulnerability assessments and recommendations
- Perform/Update privacy and security risk analyses
- Customize and create forms and templates for your compliance needs
- Identify gaps in current privacy, security, and breach notification policies and procedures
- Develop HIPAA FAQs for your organization
- Recommend optimal practices for business associates, including tracking, documentation, requirements, and reporting.
- Provide guidelines for the development of a "Risk Assessment of Breach" notification
- Review Business Associates Agreements, Notice of Privacy Practices, incident reports and tracking documentation for compliance
- Assess and provide recommendations for HIPAA privacy awareness training
- Provide PRN Virtual Privacy Officer consulting services
Most healthcare professionals in the privacy and security space admit that it is not “if” a PHI breach will happen, it’s a matter of “when.” Preparing for compliance after an incident has occurred is too late. Although it is good to prepare your organization in case of an OCR audit, it is equally wise to prepare for breach avoidance by virtue of a well-established compliance plan. Contact us today to learn how we can help your organization prepare to simplify the complexities of establishing a rock-solid HIPAA privacy and security program.
"We engaged Just Associates for a complete review of our HIPAA Compliance program. They were thorough and professional in all aspects of the project and worked well with our team. We have been pleased with the deliverables and what we've learned along the way has helped to further strengthen our HIPAA compliance. Just Associates' expertise in this field and their approach in this project was wonderful. We had an on-time and on-budget experience and highly recommend Just Associates."
Mike Kimball, COO
“I would highly recommend [Just Associates] to anyone in need of privacy related services. They have completed two Mock OCR Audits for our organization, bringing with them vast knowledge and expertise of the rules and regulations. Susan[Lucci] worked with me and my team to prepare in gathering the needed documents and was a pleasure to work with during the on-site visit. After the audits, she was readily available when I had ran into an unfamiliar situation. I look forward to continuing our relationship with Susan Lucci and Just Associates on future projects.
Elaena Price, Privacy Officer
Mountain Family Health Center