Third Rock, focused on improving operational performance through effective and efficient compliance, has taken decades of security and enterprise experience and created a streamlined HIPAA / HITECH compliance solution that small and medium businesses can afford. HIPAA / HITECH regulations now mandate that organizations perform over ten major efforts to be HIPAA compliant.
Third Rock’s Worry-Free Compliance™ is a comprehensive HIPAA/HITECH compliance solution for the healthcare provider and business associate that helps these organizations conform to all of the current regulations and better protect PHI. It is tailored for the small to medium-sized company and designed to be rapidly implemented and easy to maintain and manage. Step-by-step guides help keep the organization in compliance and improve its operation’s efficiency while reducing costs and increasing profits.
Worry-Free Compliance™ Solution:
1. Step-by-Step Guide
A roadmap so you know what has to be done in what order and when.
2. HIPAA Awareness Training
New employee and refresher courses, to keep staff current on compliance.
3. HIPAA Security Officer Training
Specific job responsibility training is required.
4. HIPAA Policies & Procedures Training
Your staff needs to be trained on your organization’s documented policies and procedures.
5. Unbiased Professional Risk Assessment
Comprehensive NIST compliant questionnaire tailored to your practice to save time and reduce cost. Provides compliance report with score and prioritized remediation list.
6. Vulnerability Scan of All Network Devices
Complete network discovery and scan for compliance issues.
7. Customized Policies and Procedures
Complete set w/CFR references to meet your unique requirements.
8. Practical Complete Risk Management Plan
Plan with detailed procedures & diagrams to manage and mitigate risks on an ongoing basis.
A. Complete Compliance Monitoring & Tracking
Set of report registers to record all compliance activities.
9. Ready-to-Use Contingency Plan
Complete plan only needing your company’s information “plugged in”.
10. Business Associate Management and Agreements
Know when BA agreements are required and appropriate monitoring of BAs.
11. Third Rock Assurance – Cyber Protection
A. Technology Security Plan
What technology to employ to improve your protection of PHI.
B. IT Strategy Plan
How to plan, budget & manage IT. Includes budget, software key registry, checklist, vendor list.
C. Online Dashboard (Coming 1Q15)
HIPAA compliance tracking, document storage, scheduling, and disaster recovery in a secure cloud. The compliance results are distilled into an easy-to-understand HIPAA Security Profile™.
D. Email Encryption w/Recipient Verification
Encryption alone isn’t enough -- you must know the correct person received the message.
E. Continuous Network Monitoring
Third-party, next generation vulnerability & compliance monitoring, another set of eyes protecting PHI. We reduce the noise so IT can easily find the issues to prevent breaches.
12. What to Do Next Guide
Easy-to-follow guide that steps you through risk assessment remediation and your ongoing compliance efforts.
Check your organization’s compliance at http://hipaa-quickcheck.com.
Our goal is not to tell organizations what they are doing wrong, but to improve their ability to protect critical data and better serve their patients.
Contact Third Rock for Worry-Free Compliance™.