Not Just HIPAA: What small businesses need to know about HITECH
Just what is HITECH? If you’re an entrepreneur whose small business has anything to do with health, it’s likely that you’re familiar with HIPAA, or the Health Information Portability and Accountability Act of 1996. But what about the Health Information Technology for Economic and Clinical Health (HITECH) Act and its requirements? If you are — or work with — a doctor’s office, dentist’s office, medical supply company or the like, you should be. If you’re not, let us lend a hand. Below, we at Frontier IT in Colorado Springs provide crucial information about how your small business can ensure technical compliance in case of an audit and avoid costly fines.
What is HITECH?
HITECH is the tech side of HIPAA. It was signed into law more than a decade after HIPAA in order to facilitate the use of health information technology. The act’s Subtitle D “addresses the privacy and security concerns associated with the electronic transmission of health information, in part, through several provisions that strengthen the civil and criminal enforcement of the HIPAA rules,” according to the U.S. Department of Health & Human Services.
Why should I care?
Well, how do we put this delicately? It’s the law. Violations can cost tens of thousands, hundreds of thousands or even millions of dollars each year. Money and laws aside, protecting personal health information is good business, and it’s the ethical thing to do. (We’re all about ethics here, and we’re sure you are, too.)
Where can I get compliance help?
How can a small business without an IT department — or perhaps with an anemic IT department — ensure compliance? By partnering with a managed service provider (MSP), of course! An MSP is like a large, top-notch IT department that offers its services to small- and mid-sized businesses at prices those businesses can afford.
An MSP can help your business become HITECH-compliant by providing the following:
- secure email and file sharing
- 24/7 access to files via offsite back-ups
- IT risk assessment and security policy development
- up-to-date computers and software (including antivirus and malware software)
- encryption for ePHI (electronic protected health information)
- enterprise-level networking equipment (including a firewall for intrusion detection/prevention)
Your takeaway: You don’t have to do this alone. An MSP can come alongside your business and facilitate your HITECH compliance, leaving you with more time to pursue your passions.
If your business needs assistance with HITECH compliance (or if you think it might), give your local MSP a call. If it’s anything like Frontier IT, the folks there will be more than happy to discuss how they can help ensure your business becomes, and stays, HITECH-compliant. Trust us — you’ll sleep better knowing that it is.
About Frontier IT & HIPAA/HITECH
Frontier IT is a Colorado-based B2B managed IT services provider trusted by hundreds of customers and their employees throughout the Front Range. We provide a powerhouse of technical capacity and experience to our customers, who outsource their mission-critical IT requirements.
Frontier IT’s extensive security policies and procedures are audited by a third party to ensure HIPAA compliance. These policies and procedures are put in place to protect customers’ ePHI. All employees of Frontier IT are individually tested annually to verify that they understand HIPAA guidelines and follow all policies and procedures implemented by Frontier IT.
Like what you read? Looking for additional tips and tricks to help small business owners succeed? Check out more of our blog posts here.