Compliance Kit – head start on meeting all mandated requirements. Everything from an Industry-standard White Paper to a detail audit program.
HIPAA changes proposed for 2019 are getting closer. The Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) has favored issuing HIPAA guidelines to clear up misunderstandings with HIPAA compliance requirements, but we are now at a point when changes to HIPAA Rules are about to be made.
OCR asked 54 different questions in its RFI. Some of the main aspects being considered are in relation to:
Patients’ right to access and obtain copies of their protected health information and the timeframe for responding to those requests (Currently 30 days)
Removing the requirement to obtain written confirmation of receipt of an organization’s notice of privacy practices
Promotion of parent and caregiver roles in care
Easing of restrictions on disclosures of PHI without authorization
Possible exceptions to the minimum necessary standard for disclosures of PHI
Changes to HITECH Act requirements for the accounting of disclosures of PHI for treatment, payment and healthcare operations
Encouragement of information sharing for treatment and care coordination
Changing the Privacy Rule to make sharing PHI with other providers mandatory rather than permissible.
Expansion of healthcare clearinghouses’ access to PHI
Addressing the opioid crisis and serious mental illness
All if these are addressed in Janco’s Compliance Management toolkit.
Compliance Management is one of the top concerns of CIOs and other C-Level exeutives.
Compliance Management Kit was just released. All of the components of the kit were just updated to meet privacy and security madatesdue to GDPR for the EU and CaCPA for the state of California.
The kit comes in 3 versions: Silver, Gold, and Platinum. Each can be acquired with either 1 year or 2 years of update service. Janco feels mandates will continue to be added due to this high volume of cyber-attacks and privacy issues that are of concern to individuals and corporations.
First, he Silver version of the kit comes with the Compliance Management White Paper, a self-scoring Security Audit, a PCI Audit Program, and 31 key Job Descriptions including Chief Security Officer (CSO). Second, the Gold version of the kit come with all of that plus two full policies. The policies are the Record Classification and Management Policy and a Privacy Compliance Policy with a detail implementation work plan. The detail wok plan can be utilized right out of the box to ensure that privacy and security are implemented fully within the enterprise. And third, the Platinum version of the kit comes with everything in the first two, plus Janco’s Security Manual Template.
DRP BCP Audit Update Released with updates that have been implemented to see that the latest mandated requirements of ISO, the U.S., and the EU are complied with.
This Disaster Recovery / Business Continuity Audit program identifies control objectives that are meet by the audit program. There are approximately 50 specific items that the audit covers in the 17 page audit program. Included are references to specific tools that will assist you in addressing any defects or shortcoming the audit uncovers.
The Audit program covers the following control objectives:
Ensure that adequate and effective contingency plans have been established to support the prompt recovery of crucial enterprise functions.
Ensure that all mandated disaster recovery, business continuity, and security requirements have adequate compliance policies.
Ensure the survival of the business and to minimize the implications of a major enterprise and/or I T failure.
Ensure that all the potential risks to the enterprise are identified and assessed.
Ensure the optimum contingency arrangements are selected and cost effectively provided.
Ensure that an authorized and documented disaster recovery / business continuity plan is created, maintained up-to-date, and securely stored.
Ensure that the recovery plan is periodically tested.
Ensure that all internal and external parties are fully aware of their responsibilities and commitments.
Ensure that appropriate liaison is maintained with external parties (i.e. insurers, emergency services, suppliers, etc. ).
Ensure that both the damaged and recovery sites are secure and that systems are securely operated.
Ensure that systems and procedures are adequately and accurately documented.
Ensure that public and media relations would be effectively addressed.
The audit programs is available as a standalone item. In addition it is included with several of Janco’s offerings. They are: