icon_service_hipaa_r1

Medical HIPAA Compliance

Professional HIPAA audits and managed support plans to assist in your HIPAA compliancy

If you and your business are in the category of Covered Entities or Business Associates, as denoted below, and handle protected health information as defined by The Health Insurance Portability and Accountability ACT (HIPAA), you are required to be HIPAA compliant.  Without it, HIPAA violations and enforcement can result in serious consequences.

Covered Entities

  • Healthcare Providers
  • Health Insurance
  • Plans Healthcare Clearinghouses

Business Associates

  • A person or entity that performs certain functions or activities that involve the use or disclosure of protected health information on behalf of, or provides services to, a covered entity and are paid for the work they do. Here are some examples:
    • Third-party administrators
    • CPAs
    • Attorneys
    • Managed Service Providers (MSP)
    • Shredding services
    • Billing companies

HIPAA sets a series of national standards to become and remain fully HIPAA compliant.  OrLANtech’s TotalCare Medical service offers just that with full system audits, recommendations and solutions that adhere to the latest healthcare industry regulations, as follows:

  • Mandatory risk assessments
  • Intuitive training
  • Seal of Compliance Verification
  • Incident management
  • Business Associate Management
  • Breach Support
HIPAA

With TotalSecurity, we account for all aspects of HIPAA regulation, and provide your company with the support necessary to achieve, illustrate, and maintain compliance throughout your day-to-day operations and over the long-term, in between annual check-ins.

HIPAA Compliance is not an option. So we created TotalCare Medical

What is TotalCare Medical?

TotalCare Medical is OrLANtech’s preferred managed services plan for medical organizations that encompasses the monitoring, security and data backups for your organization. OrLANtech has a team of 25 professionals with data protection and your network’s stability and security as their highest priority. HIPAA compliance is not an option, so we developed this comprehensive approach to protect you from the devastating consequences of a violation.

This plan also includes standardized hardware and software that OrLANtech feels is vital for your network’s optimal performance and uptime. This standardization is critical across all of our clients to ensure our engineers are trained and certified with these technologies and also allows us to keep them updated as required to protect you and your team.

If HIPAA compliance is essential for your organization, TotalCare Medical offers next-level support with the following features:

  • Flat-rate pricing allowing for accurate IT budgeting.
  • Unlimited maintenance hours (onsite and remote) between the hours of 8am-6pm Monday through Friday.
  • TotalView, TotalSecurity and TotalDefense solutions – powerful weapons against cyber attacks that could lead to HIPAA violations.
  • 24/7/365 monitoring and emergency support.
  • Monthly site visits within 20 miles of OrLANtech’s office.
  • Monthly and quarterly network checkups and reports.
  • Strategic Business Review (SBR) and planning meetings.
  • Emergency response time: one hour or less.
  • A team of engineers assigned to your account.
  • Vendor management.
  • Month-to-month agreements. No long-term commitments. Make us earn and keep your business!
  • Web-based client portal for real time IT management.
  • Customer satisfaction surveys on every support ticket.
  • Hardware and software from industry leaders in security and data protection to further assist you with HIPAA compliance.
  • Support from a team of the best engineers in Central Florida.

HIPAA Compliance - TotalView keeps you up and running

TotalView is OrLANtech’s monitoring agent that is installed on all servers and workstations in your network environment. This agent runs in the background monitoring all critical services and functions of your network devices. If any of the parameters exceed the set thresholds, it will send alerts in to our Network Operations Center (NOC), which automatically creates a ticket for our team to review and remediate.

We also have an automation and backup team that works daily with TotalView to improve automated functions within your systems to keep them running smoothly equating to less downtime for your company.

Features of TotalView include:

  • Monitoring agents on all servers and workstations.
  • Ticket automation in the event the system exceeds set thresholds.
  • Audit and inventory.
  • Automation of hardware and software inventory for each system.
  • Remote control.
  • Connection to your systems to remotely and quickly to repair issues.
  • Patch management.
  • Automation of Microsoft security patches and critical updates, which bolsters HIPAA compliance protocols.
  • Remote software installs.
  • Installation of software done remotely as needed.
  • System monitoring.
  • Hard drive analysis to determine free/used space.
  • S.M.A.R.T. (Self Monitoring and Reporting Technology) which provides predictive failure notifications from the computer’s BIOS to OrLANtech’s agent.
  • Restarts for failed Microsoft services.
  • Automated maintenance.
  • Disk defragmentation.
  • Scans to check file systems.
  • Purges of all temporary files from the system.
  • Reports and scripting.
  • Reports automatically generated for our team to review your account and systems.
  • Customized reports that can also be generated upon request.
  • Virus and threat monitoring to protect you from HIPAA compliance issues caused by cyber criminal activity.

HIPAA Compliance – Security that keeps you safe from cyber criminals

TotalSecurity is OrLANtech’s suite of hardware, software and services that combine to give you several layers of protection for your network infrastructure. HIPAA compliance demands that you protect patient data. Any failure to do so can cost you a fortune.

The advantages of a multi-layered, multi-vendor security approach include a broader spectrum of protection from many different sources, such as firewall proxies, email spam and virus filter, workstation anti-virus software and DNS web filtering. Different vendors employ many unique technologies and services to block attackers, and OrLANtech uses best-of-breed partners to protect our customers. If HIPAA compliance is essential for your organization, put your trust in TotalSecurity.

HIPAA Compliance – Protect sensitive data with our comprehensive backup and disaster recovery solution

TotalDefense is OrLANtech’s backup and disaster recovery solution, giving you both onsite and offsite data protection. We feel the protection of our clients’ data is our greatest responsibility, especially when they are required to deal with complex HIPAA compliance laws. Our Backup and Disaster Recovery Appliance (BDR) is a purpose-built Windows server designed to create and store image-based backups of Windows servers and, in addition, upload those backups to our data center in Seattle, WA.

Breaking down our HIPAA Compliance procedures

Phase 1: Initial Data Collection

  • HIPAA Site Interview - Determine specifics about environment and HIPAA’s specific points of contact.
  • Onsite Survey - Observe the environment, take photos and document physical setup.
  • Initial Scan - Perform an initial HIPAA scan on every server and workstation on the network.
  • Run an external vulnerability scan on data center connections.

Phase 2: Secondary Data Collection

  • Data Collector - Run HIPAA scan on any missed PCs or servers.
  • User ID Worksheet - Gather specifics about users and access to ePHI.
  • Computer ID Worksheet - Gather specifics about PCs and access to ePHI.
  • Share ID Worksheet - Gather data about server shares and permissions, and which hosts ePHI.

Phase 3: Recording Exceptions

  • Security Exception Worksheet - This will be generated based on the info gathered in phases one and two. From here, any specific exceptions or explanations will be added to this worksheet.

Phase 4: HIPAA Documentation

  • Primary HIPAA reports to be generated during the HIPAA audit process
    • HIPAA Compliance Policy and Procedures
    • HIPAA Compliance Risk Analysis
    • HIPAA Compliance Management Plan
    • Evidence of HIPAA Compliance
  • Supporting reports
    • External vulnerability scan detail report
    • File scan report
    • HIPAA asset detail report
    • HIPAA full detail report
    • Login history by computer report
    • Share permission report
    • Drive encryption report

Phase 5: Final Review Meeting

  • Review report and make recommendations on items that need addressing. Provide digital copies of all reports.

Note: Some remediation may require additional project labor not included in this agreement.

OrLANtech's HIPAA Managed Service Plan includes quarterly HIPAA audits and merged changes into existing reports to show HIPAA compliancy progress. If you would like more information, please don't hesitate to contact us today.