hipaa 101 for startups
HIPAA Compliance for Startups
HIPAA 101: Survival tips for startups beginning their journey in healthcare
What is it?
HIPAA is a set of guidelines that outline how patient information is
to be stored and transmitted.
What HIPAA stands for: Health Insurance Portability and Accountability Act
Legislation that provides guidance on how electronic patient health information can be stored and protected.
Health Information
Medications, Clinical notes, Insurance, Blood tests, MRI scan, etc.
Uniquely Identifiable Information
Name, Email, Social security number, Driver’s license, Photographs, etc.
Security Rule, Privacy Rule, Enforcement Rule, Breach Notification Rule
Main points about HIPAA
The Security Rule and the Privacy Rule
Security Rule: Standards for the securing and transmission of healthcare information
Privacy Rule: Protection of individually identifying information (SSN, name, email, etc.)
The Enforcement Rule and the Breach Notification Rule
Enforcement Rule: Establishes how regulators will determine liability and calculate fines for
HIPAA violations
Breach Notification Rule: Requires entities to provide immediate notification to HHS if a breach affects
more than 500 patients
Who does HIPAA Apply to?
Covered Entities and Business Associates
Covered Entities
Doctors, Hospitals, Health Insurers, self-insured employers
Business Associates
A Business Associate is a vendor or subcontractor who has access to
health information
What are my responsibilities as a startup?
If you’re collecting or storing health information with covered entities, sign a BAA (Business Associate Agreement). This outlines procedures
for how you will protect health information and how you will respond in the event that there is a breach.
Almost there...
What if I violate HIPAA?
Fines can range from $100 to $50,000 per violation. Annual
maximum penalty for violations is $1.5 million per year.
How can I be compliant?
Accountable will help you remain compliant with the administrative aspects of HIPAA
HIPAA compliant hosting and healthcare integration with non-standard pricing
Train your employees on proper procedures to protect patient information
Produce your own BAA agreements together with policies and procedures for handling patient information
Can partner with vendors to speed up integration with EHR providers and hospitals
Developer-friendly and open-source resources for your BAAs and technical documentation
How can I be compliant? Cont.
Simple HIPAA compliant hosting in the cloud with affordable pricing for startups
Pricing begins at $2,500 for their standard plan with higher prices for enterprise
Compliance training that is tailored specific to employee roles
Access to policies and procedures designed specifically for web and mobile apps in the cloud
Plenty of documentation for developers on HIPAA, and True Vault’s capabilities
Privacy and data insurance policy for customers
You made it! Our explainer is only a start; ensure that you’re always in compliance
and keep up with the latest changes to HIPAA and HITECH.