SMB Nation Blog

SMB Nation has been serving the Bainbridge Island area since 2001, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

HIPAA Risks: You Probably Don’t Know What You Don’t Know

bob vogel augustBy Bob Vogel, B2 Marketing

Blake Schwank is no novice when it comes to managed IT services and providing HIPAA Consulting Services to his clients. He’s been the CEO of Colorado Computer Support (CCS) since 2001, and has built one of Colorado’s premier MSP operations.

But if you ask him, Blake will tell you that even though he thought his company and his team were “covering the bases” when it came to their routine HIPAA Risk Assessments, as soon as they started using Network Detective he realized how much more his company could do to protect his clients – as well as his own business.

“When we first purchased the Network Detective HIPAA Compliance module, I figured it would be a quicker and easier way for us to generate the mandatory reports our clients need in order to be in compliance with the sweeping HIPAA regulations,” Blake told me.

“Once we ran our first report, I realized the true value in using this tool was with the evidence it provided to the client. By the time we complete the interviews, they realize we know what we are doing. Once we turn that into a report that references the specific HIPAA requirements, it is no longer just my team trying to convince the client of the need for policies or hardware expenditures. We can point them to the exact rules”

Another significant value was the ability to do internal IT audits of his own team. “The fact of the matter is, nobody’s perfect,” said Blake. “After we collect all the data needed for the analysis, we run a set of draft reports to see if my team has missed a task or a system like Antivirus, or updates have failed. They are easy to identify because the issues that need to be addressed are printed in red. Those are issues we need to resolve internally for the client to ensure they are compliant.”

Blake said that the final reports are proof to the client – and also to any government auditor – that all the required HIPAA policies related to electronic patient information are in place, and are being enforced. And if there are remaining risk issues that are dependent on the client to address, Blake and his team can point that out as well.

“We don’t charge our clients for these reports,” said Blake. “Our business model is to provide our clients with comprehensive services, and our fees cover the services we deliver.”

Blake also pointed out that even though there’s plenty of HIPAA-related information that has to be manually collected to supplement the network data collected by the Network Detective tool, all that information can be entered into the tool in one place, and the real savings is in the generation of the reports.

“It would take us weeks to compile and organize all of the data we collect to generate the reports that come out of Network Detective in minutes,” he said. “And we can easily brand them as our own. We realized our ROI on this tool with the first HIPAA risk assessment we performed.”

14 July 2015 9.1 million Windows Server!
The week that was – September 1, 2014
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Wednesday, 27 November 2024