
HIPAA Compliance

The Health Insurance Portability and Accountability Act of 1996, or HIPAA, refers to legislation passed by the U.S. government to establish industry standards to prevent the unlawful distribution of electronic Personal Health Information (PHI). According to the U.S. Department of Health and Human Services (HHS), HIPAA is designed to safeguard against the unlawful distribution of “individually identifiable health information,” including demographic data, relating to:

  • An individual’s past, present, or future physical or mental health or condition
  • The provision of health care to the individual
  • The past, present, or future payment for the provision of health care to the individual

Maryland Computer Service is 100 percent HIPAA compliant and adheres to all HIPAA guidelines. To learn more about HIPAA compliancy or our data protection services, contact us today.

HIPAA Compliant Data & Network Protection

Under the HIPAA rules, any “business associate” of an entity—like an IT company—must implement specific guidelines and procedures to protect PHI. It is recommended that entities and their business associates establish a written agreement outlining all HIPAA compliancy procedures, including:

Physical Security Policies

In order to prevent a data breach, physical security policies are required to specify who is and is not granted physical access to certain areas of a facility. Physical restrictions may include guests entering an entity’s campus, limited employee access to specific rooms (e.g. server rooms), or admittance policies. Key codes, security badges, and access logs are just a few of the methods used to enforce physical security policies.

Access Control

Limited access control refers to what software programs, electronic equipment, or classified data an entity or its business associates are granted access to. This may include how PHI is requested and distributed and how the sharing of information is monitored within an organization.

Workstation Policies

It is important to institute workstation security policies and procedures that all entity employees must abide by. Examples of this include requiring a minimum password strength (unique characters, length, etc.), limiting unsuccessful login attempts, monitoring login access and time logs, and changing passwords regularly.

Virus Protection

Nowadays, virus protection is an IT standard when it comes to protecting your hardware and software from malicious viruses and hackers. But are procedures established to outline how often your virus protection is updated, and are procedures in place in the event of a data breach? Actively monitoring the hardware and software of any entity is a critical step towards data protection.

HIPAA Compliancy from Maryland Computer Service

At Maryland Computer Service, we know just how important it is to protect all client personal health information, which is why we are 100 percent HIPAA compliant. Our certified IT experts will work closely with you to determine the current state of your organization’s technology infrastructure and recommend any procedural changes necessary.


HITECH

HITECH, or the Health Information Technology for Economic and Clinical Health Act, establishes civil and criminal enforcement of HIPAA rules.
