Under the Health Insurance Portability and Accountability Act (HIPAA) of 1996, organizations that process and/or maintain healthcare-related information are federally mandated by to demonstrate compliance for the security of electronic Protected Health Information (ePHI).
In 2009, the Health Information Technology for Economic and Clinical Health Act (HITECH) added provisions that extended HIPAA Security requirements not only to business associates, but also to subcontractors as well.
Rsam for HIPAA / HITECH Risk Assessment
Rsam is an efficient, cost effective and highly-scalable solution designed to help even the most complex organizations meet HIPAA Security Risk Assessment requirements quickly and easily. Rsam's out-of-the-box HIPAA compliance template comes pre-mapped to appropriate assessment areas such as applications, departments, business associates, infrastructure elements, and more.
- Perform a faster, more thorough Information Security Risk Assessment across dozens – even hundreds of sites
- Manage online and offline data gathering for HIPAA Core Measures with a central repository for documentation
- Enables turnkey Third Party Security (TSP) Assessments with real-time gap analysis
- Generate actionable, real-time reports & dashboards to monitor compliance levels
- Accommodations for Future Changes in HIPAA with automatic updates to all control templates from Rsam
- Eliminate the Complexity of HIPAA Compliance – Assessment templates come with predefined, robust controls based on HIPAA best practices; cross-referenced with NIST guidelines. Select only those controls you wish to include in your assessment or modify / add your own controls quickly & easily.
- Workflow that Mirrors ANY Existing Process – Dynamic Workflow bends to meet your most complex processes – not vice-versa. Map virtually every aspect of current workflow processes into Rsam. Upon completion, the process can automatically be passed to other users for review or additional input.
- Achieve More Accurate Results – Achieve the highest degree of accuracy with Rsam's relationship-driven technology. Rsam draws a relationship between the ePHI findings on a given server to identify its possible effect on the control requirements of the room it resides in. The moment ePHI findings for this server is entered and the relationships are identified, Rsam adjusts the appropriate criticality levels, control requirements, and compliance evaluation automatically
- Deliver Real-time, Actionable Reporting – Rsam 50+, out-of-the-box roll-up/ drill-down reporting delivers actionable information to key stakeholders. Organizations can also launch their own custom reports, either in Microsoft SSRS and/or Crystal reports, directly from Rsam. All data entered into Rsam is immediately available for consumption by Rsam's analytic engines, reporting structures and dashboards within the application giving end-users access to real-time data.