Security, Inc. and Strategic Healthcare Programs
Announce HIPAA Information Security Program
to Address Final Security Rule
alliance to provide HIPAA certification
services to the healthcare industry
Security, Inc. (PSI) and Strategic Healthcare Programs,
LLC (SHP) today announced a joint effort to provide HIPAA
security support services in response to growing demand
for security expertise in health care. The new services
are affordably priced, packaged offerings focused on
self-certification for published HIPAA security criteria,
just finalized on Thursday, Feb. 13, 2003.
The intent of the program is to provide a solution that
can be completed by organizations with limited resources
that is comprehensive enough to meet the minimum standard
based on sound security and industry best practices.
Barbara Rosenblum, CEO of Strategic Healthcare Programs
in Santa Barbara, Calif. said, “SHP is pleased
to be working in cooperation with PSI to offer these
services to our customers. The release of the final security
rule by The Department of Health and Human Services (HHS)
is putting a lot of pressure on health care organizations
and we’re glad to be able to help.”
In conjunction with this offering, PSI will develop a
special section of the www.practicalsecurity.com Web
site for clients of this service. PSI will provide resources
and links from this site, including sample forms, agreements
(such as the required “Business Associate Contract”),
training materials and compliance posters.
The following elements comprise the new offering:
- HIPAA Security Audit.
This security audit includes a HIPAA gap analysis
and Business Impact Analysis (BIA) based on the
security provisions of section 142.308 of HIPAA
requiring administrative, physical, and technical
control measures to protect confidentiality (security),
integrity, and availability of protected health
- HIPAA Checkup.
PSI returns periodically
to reassess security controls and processes. This
meets the expectation of due diligence recommended
in the published HIPAA guidance documents.
- Third Party Review.
Objectivity is crucial
to the validity of the self-certification. HSS has
strongly recommended outside review of compliance
in self-certification. Practical Security, Inc. acts
as an external party with adequate training regarding
generally accepted security guidelines and principles.
Paul E. Proctor, President of Practical Security said “By
providing the necessary third-party readiness review
at a reasonable price we hope many smaller organizations
will get the same compliance support the big hospitals
and insurers have already received,” Proctor
said, “This packaged service is designed specifically
with smaller organizations in mind.”
For more information go to www.practicalsecurity.com/hipaa_services.htm.
Practical Security Inc.
Founded in 2002, Practical Security Inc. (PSI) is
an information security services company dedicated to
helping organizations of all sizes secure their mission
critical information technology assets. Practical Security
provides a practical and educational advantage to companies
seeking ways to safeguard their information assets by
helping employees at all levels be better prepared to
detect, analyze and prevent IT security breaches. For
more information on PSI, visit www.practicalsecurity.com.
Strategic Healthcare Programs, LLC
Healthcare Programs, LLC (SHP), headquartered in Santa
Barbara, Calif. is a healthcare data services company
specializing in the use of technology and clinical
expertise to identify, collect, analyze and report
clinical data to over 1000 clients nationwide. SHP
was granted the Healthcare Information Technology award
sponsored by the National Managed Healthcare Congress
for innovations in interfacing a SHP outcomes program
with other healthcare software vendors. In order to
diversify its data mining and data management services
to emerging markets, the company also has offices in
Pittsburgh, Pa. Website: www.shpdata.comwww.shpdata.com.
Beth Walsh, 858/724-2500