HIPAA Compliance

If your organization has access to electronic Protected Health Information (ePHI), it is recommended your organization complies with HIPAA regulations covering the security and privacy of confidential patient data.

Failure to comply with HIPAA regulations can result in hefty fines being issued and criminal charges and civil action lawsuits being filed should a breach of ePHI occur.

HIPAA can be applied equally to every different type of Covered Entity or Business Associate that comes into contact with Protected Health Information (PHI).

What is a Covered Entity?

A covered entity is a health care provider, a health plan or a health care clearing house who, in its normal activities, creates, maintains or transmits PHI. There are exceptions. Most health care providers employed by a hospital are not covered entities. The hospital is the covered entity and responsible for implementing and enforcing HIPAA complaint policies.

What is a Business Associate?

A “business associate” is a person or business that provides a service to – or performs a certain function or activity for – a covered entity when that service, function or activity involves the business associate having access to PHI maintained by the covered entity. Examples of Business Associates include lawyers, accountants, IT contractors, billing companies, cloud storage services, email encryption services, etc.

How can Crescent help you?

Crescent Computer Technologies will come out and perform a HIPAA compliance visit to ensure there are no violations of ePHI records.  It’s a necessary procedure to ensure you will not be in violation and avoid fines. We will provide you with a report and keep you out of trouble with our regular compliance service.