Service Solutions

PrivaPlan Service Solutions include a variety of solutions for your HIPAA compliance efforts. These include HIPAA Privacy compliance reviews, HIPAA Security Risk Analyses, customized HIPAA training, Policy and Procedure review or development, HIPAA remediation, assistance with Breach Notification investigation and follow up and Electronic Health Records implementation support for meaningful use or HIPAA compliance.

PrivaPlan’s services are used by health care providers of all types including hospitals, physician practices, allied health providers, Federally Qualified Health Centers/Community Health Centers, hospice, home health and long term care facilities, Planned Parenthood affiliates, and many others.

Business associates also use PrivaPlan’s services for HIPAA compliance, especially to develop compliance programs tailored for a business associate’s unique environment.

Services are also used by regional extension centers, EHR and health information technology (HIT) vendors, medical associations and other organizations.


HIPAA Security Risk Analysis

PrivaPlan: HIPAA Security, Compliance & Privacy Tools

HIPAA Security Risk Analysis – HIPAA Risk Analysis (per 45 CFR 164.308(a)(1)(ii)(A) is an essential requirement of both the HIPAA Security Rule, and also a "CORE" meaningful use measure for those organizations seeking EHR incentive payments.

PrivaPlan's innovative solutions for completing a HIPAA Risk Analysis have been field tested since the HIPAA Security Rule took effect in 2005 and conducted for physician practices, hospitals, community health centers and health agencies, public health departments and business associates with great success.

We offer a range of solutions, from a guided "do-it-yourself" model based on our low cost online ToolKit, or where our team provides the service.

PrivaPlan can provide the Risk Analysis as a "remote" or onsite project tailored to your budget and needs. We handle the entire process and provide a detailed report of findings and Risk Analysis!

New! PrivaPlan's HIPAA Security Risk Analysis Review – For those organizations who have had a Risk Analysis completed in the last two years, we can offer an affordable review and evaluation solution.

For larger organizations we also offer the PHI secure tool – an online Risk Analysis tool with over 600 questions and guidance to complete a thorough assessment. The online program stores your answers and documentation in a secure cloud environment.


Tailored HIPAA Education & Training

PrivaPlan: HIPAA Security, Compliance & Privacy Tools

Tailored HIPAA Education & Training – Many organizations make the mistake of believing that a "HIPAA 101" online or written training is sufficient for HIPAA compliance. The Privacy rule clarifies that HIPAA training courses should be included in the covered entity's own HIPAA Privacy Policies and Procedures. While “HIPAA 101” training is beneficial to establish a general understanding, it is not sufficient to ensure proper adherence to compliance programs.

The HIPAA Security rule further establishes the need for focused training by requiring security awareness and periodic security reminders. Security reminders are often implemented by reminding a workforce of threats or actual incidents that have occurred.

PrivaPlan™ offers fully customizable HIPAA education and training programs that exceed the requirements of the Security and Privacy Rules. We’ll utilize our arsenal of tools to help you meet and maintain compliance!

Live virtual training utilizing webcast technology.

Customized, recorded webcast training designed specifically for your organization.

Training materials and templates to use by your organization for as long as you’d like.

Security Reminder Video Series to distribute regularly to your employees (coming in 2016).

Audio seminars on select topics including the final HIPAA Omnibus Rule.

Brief video training "snippets" covering a particular topic of HIPAA compliance.


REMEMBER: The PrivaPlan HIPAA Privacy and Security Compliance Online Toolkit subscription includes regular HIPAA newsletters that can easily be used for ongoing awareness and reminders!


HIPAA Breach Notification Review and Remediation Services

PrivaPlan: HIPAA Breach Notification Tool

HIPAA Breach Notification Review and Remediation Services – Breach notification requirements underwent a significant regulatory change with the Final HIPAA Omnibus Rule. The harm threshold has been replaced by a four factor risk assessment while the notification requirements remain as defined in the Interim Final Breach Notification Rule.

PrivaPlan can help your organization follow up a breach or incident and assist in determining if notification is required and what remedial actions are necessary. Additionally, PrivaPlan can handle the notification process.

California covered entities who also may need to report to State authorities can use our services to handle State notifications.


HIPAA Policies and Procedures review / development

PrivaPlan: HIPAA Policy Toolkit

Policy and Procedure Review and Development – HIPAA policies and procedures development and maintenance is a common gap for HIPAA covered entities and business associates. Often templates are incorporated without sufficient customization, detail and granularity to reflect an organization's actual environment.

PrivaPlan provides expert analysis of your policies and procedures with detailed remediation work plans. We also can write or update your policies and procedures and lift the burden of this time-consuming task.


Network vulnerability scanning (Penetration testing)

PrivaPlan: HIPAA Compliance, Security & Privacy Toolkit

Network Vulnerability Scanning (Penetration Testing) – As part of our HIPAA Security Risk Analyses services, or as a stand-alone service, PrivaPlan can deploy a cyber security network vulnerability scan or penetration test. Working with some of the industry's leading experts in this field, we can run a simple perimeter test or a full nodal internal network scan.


+ Other Personalized HIPAA Consulting Options

PrivaPlan: HIPAA Compliance, Security & Privacy Toolkit

Other Personalized HIPAA Consulting Options – PrivaPlan Associates can tailor consulting services to your specific needs. We provide specialized services to health care providers, business associates, and health plans.

Examples include:

  • Assisting business associates with understanding their compliance requirements.
  • Reviewing compliance plans.
  • Providing specialized training to Compliance/Privacy or Security Officials.
  • Providing Board of Directors with training.
  • Acting as your outside Privacy and Security Officials.