CoyoteWorks: HIPAA

	Health Care

	HIPAA Compliance
	Operational Environment
	Operational Assessment
	Technical Assessment
	Privacy Assessment
	Information Security
	Compliance Risk Analysis
	Enterprise Application Integration
	Code Remediation

Ensure That Your Operational Environment Is HIPAA Compliant

>> Awareness, Assessment, Implementation

The Administrative Simplification provisions of the HIPAA mandate the development of standards and requirements for the electronic transmission of certain health care data. If your organization transmits health care data electronically, you must create a HIPAA compliant operational environment.

Non-compliance with the HIPAA Security Rule is only one reason to engage CoyoteWorks Technologies. More importantly, our service significantly reduces the following financial risks, which could have a costly impact on healthcare organizations today.

Civil Lawsuits-Many legal experts believe that even before the HIPAA Security Rule goes into effect, healthcare organizations could be sued in state courts if patient information is compromised and released as a result of an inadequate security posture.
Negative Publicity-Healthcare organizations typically store a wealth of confidential patient and corporate data that, if released, could have a devastating impact on public perception. For instance, by law, hospitals must record every medical error that occurs at the facility. If this information is obtained and released to the public, the damage incurred on the reputation of the hospital would be extremely difficult to resolve.

CoyoteWorks Technologies' HIPAA Compliance Services are focused on a client's privacy and security environment in light of the new regulations. Our comprehensive solutions can be bundled or purchased separately to address compliance needs and fall within three phases -- awareness, assessment, and implementation.

Phase 1 - Awareness

If you are not already knowledgeable about HIPAA, CoyoteWorks Technologies can provide your organization with training and education services to build awareness among various health care stakeholders through our HIPAA overviews and seminars. CoyoteWorks' structured approach to meeting the requirements of the proposed HIPAA rules and regulations highlights education as a key component. HIPAA education and awareness must be ongoing and engage the healthcare community at all levels. CoyoteWorks is offering our expertise to ensure that clients meet the regulations of the Health Insurance Portability and Accountability Act (HIPAA). By providing an in-depth explanation of HIPAA, as well as instruction on how to perform a HIPAA Risk Assessment, CoyoteWorks provides the tools healthcare providers need to start tackling the emerging compliance issues.

return to top ^

Phase 2 - Assessment

A dedicated project manager and a team of HIPAA professionals visit your organization to gather information about your business structure, your security practices, and your IT infrastructure. After gathering this information, the project management guides a team of HIPPA professionals to:

Analyze your operational environment to determine which areas do and do not comply with the HIPAA guidelines
Prepare a HIPAA Report Card that summarizes your current level of HIPAA compliance
Develop and present a HIPAA Assessment Report outlining the actions needed to meet HIPAA guidelines
Recommend actions required to successfully strengthen your infrastructure to meet HIPAA regulations

This phase allows you to calibrate the scope of process, technology, and operational changes that will be required and in determine your strategy. This approach is the most cost-effective way to evaluate your infrastructure and benefit from expert advice. It provides a framework for a total end-to-end solution that ensures compliance with HIPAA standards while leveraging your operational and business goals. CoyoteWorks has the following offerings in this area:

HIPAA Operational and Technical Assessment Services — Provides a review of existing business processes and systems to identify the opportunities, risks, impacts, costs, and operational changes required for HIPAA compliance. CoyoteWorks' comprehensive HIPAA assessment services and tools address key areas affected by HIPAA security and privacy standards. In the process, we help organizations leverage their HIPAA investment into a broader digital strategy.
- HIPAA Operational Assessment Services
- HIPAA Technical Assessment Services
HIPAA Privacy and Security Assessment Services — Helps organizations prevent wrongful disclosure of individually identifiable health information by identifying the privacy-related risks associated with HIPAA and identify opportunities for improvement. Evaluates clients' systems, process and policies to ensure they appropriately protect health information, in accordance with HIPAA requirements and industry best practices.
- HIPAA Privacy Assessment Services
- HIPAA Information Security Services
HIPPA Compliance Risk Analysis Once the assessment is complete, CoyoteWorks suggests that the client performs a follow-on Risk Analysis to identify business priorities and potential threats and vulnerabilities. This effort begins with a Risk Management Workshop, where CoyoteWorks' security consultants work with you to have a thorough understanding of the potential threats faced by your organization and to develop a list of controls to remove, mitigate, or transfer the risk of those threats. A risk analysis would answer the following questions:
- What additional safeguards are needed to reduce vulnerabilities?
- How much will it cost to implement safeguards?
- Which of the safeguards can be implemented in a cost effective manner, not just initially but on a continual basis?
- Does the organization have sufficient internal resources to develop and implement a comprehensive, ongoing security program?
- Will the organization need external resources from information technology vendors?

return to top ^

Phase 3 — Implementation

Now it's time to implement your HIPAA compliance strategy. As part of CoyoteWorks' HIPAA Implementation Service, a dedicated project manager directs the implementation of a customized solution that meets your specific needs. The services team installs and configures your HIPAA solution, assures that your environment meets the currently published HIPAA guidelines, and tests the solution to eliminate concerns about how the new infrastructure might affect your existing operations environment.

CoyoteWorks's HIPAA Compliance Services accommodate numerous strategic alternatives, including:

HIPAA Information Security Services - Provides a life-cycle strategy for protecting the integrity of health care data. This includes ensuring the confidentiality and security of information, making it available to authorized users, and training your staff to comply with the new policies.
HIPAA Enterprise Application Integration Services - Provides a software "frontend" around your existing systems and applications to process HIPAA transactions with minimal change, enabling you to respond to future regulations and e-business opportunities - either in-house or with CoyoteWorks' support.
HIPAA Code Remediation Services - Applies both manual and automated tools and methodologies to perform enterprise-wide examination, analysis, and remediation of code to meet HIPAA requirements, maximizing your investment in your existing systems.
HIPAA System Replacement Services - Encompasses CoyoteWorks' designing, developing, testing, implementing, certifying, and operating a HIPAA-compliant health care system as an alternative to remediating your existing system.

return to top^