COMPLIANCE SERVICES
What Does HIPAA Compliance Mean To You?
As a small business owner, compliance can sometimes be complicated and overwhelming to figure out. You may be asking if there is even any compliance your company needs to meet. If you work in the health care industry, insurance or legal services, chances are you must adhere to HIPAA if you are transmitting or storing Protected Health Information (PHI). PHI, in a nutshell, is any health information regarding individuals.
Here are a few examples (but not the full scope) of what your business should be able to answer yes to, to help ensure HIPAA compliance:
Have you conducted the following Audits/ Assessments? (NIST Guidelines)
- Security Assessment
- Privacy Assessment
- Administrative Assessment
- Do you have Policies and Procedures relevant to the HIPAA Privacy, Security, and Breach Notification Rules?
- Do all your workstations and servers have up-to- date antivirus?
- Are you using encryption when emailing PHI?
- For phones/tablets accessing email, do you have a policy in place to enforce a screen lock password?
- If you have a server, is it in a locked room or closet?
- Has your company fully migrated off of Windows 7 or outdated programs?
PCI Compliance
Any business that stores, processes or transmits cardholder data is required to be PCI compliant. Like any compliance regime, the PCI Data Security Standard (DSS) can be complex and difficult to manage. At Speedy, we understand PCI compliance and how it can help your business become more secure. We have services and technologies for organizations of all sizes that cover every aspect of compliance to help you achieve and maintain compliance, and experts on staff to help you to navigate the process.