HIPAA Compliance

The goal of MedTech Results is to ensure that your organization meets all HIPAA requirements. MTR can help you get there. By completing the actions listed below, your organization will be fully “HIPAA compliant.” Our Clients have included numerous Healthcare Professionals, clinics, and hospitals, as well as many HIPAA Business Associates—suppliers of products and services to the healthcare industry.  

RISK ASSESSMENT  

The Risk Assessment is a key HIPAA requirement. We examine your technology environment, your operations, and your business procedures to make sure all requirement are met. The deliverable is a written document, the Risk Assessment. It includes an inventory of Protected Health Information (PHI), and a clear identification of areas which fall short of requirements, or need improvement, a gap analysis. With a strong background in healthcare and IT, we can suggest practical remediation steps as needed.  

Hipaa Research
Hipaa Documentation

HIPAA POLICIES and PROCEDURES 

HIPAA also requires written Policies and Procedures (P&P) that describe compliant operating procedures. The P&P describes good technical, administrative, and management practices. Our deliverable is a written document customized for your organization. For smaller organizations, the P&P need not be lengthy, maybe a dozen pages or so.  

 

THE BUSINESS ASSOCIATE AGREEMENT (BAA)  

The Business Associate Agreement (BAA) is another key HIPAA requirement. This is a formal agreement between healthcare providers, Business Associates, and some key vendors. MedTech Results provides you a good working copy of the BAA, and explains your responsibilities for using it.  

AWARENESS TRAINING  

Awareness Training must be provided to members of your workforce. MedTech Results provides user-friendly training materials that may be distributed to any employee, along with a simple Quiz to validate receipt of training. HIPAA does not require workforce members to be “HIPAA experts,” but only to understand and be aware of the requirements.  

PRIVACY NOTICE (NPP) 

Healthcare providers like doctors, clinics, or hospitals (Covered Entities), must have a Notice of Privacy Practices (NPP) in place. 
MedTech Results provides a fully compliant NPP document, customized for your organization. Correct methods for handling and distributing the NPP are explained also.  

OTHER SERVICES  

With wide experience in IT, MedTech Results can offer useful input on related topics such as business continuity planning, disaster recovery, clinical testing, infrastructure, and marketing. We’re happy to discuss any issues related to privacy, security, and technology.