As IT Professionals, Main Street Software has provided computer and network services to small and medium-sized businesses since 1984. As a Business Associate (BA) for many clients, our services include HIPAA Compliance Assessments for any business in the medical field. Our engineers are all Certified HIPAA Security Professionals, which allows them to evaluate your IT infrastructure with an emphasis on HIPAA Compliance. We understand this provides you with the best value because we know what you need to become and remain compliant.

The Security Rule concerns the Confidentiality, Integrity, and Availability (CIA) of ePHI.

The rule is made up of Administrative, Physical and Technical Safeguards. These safeguards are addressable or required, but addressable does not mean optional. An addressable specification allows more flexibility, but the organization must document why the specification does not apply or show how it has satisfied it with a different method.

Administrative Safeguards

  • Risk Analysis, management – Required
  • Workforce security and information access management – Addressable
  • Security Awareness and training including protection from malicious software, log-in monitoring, password management – Addressable
  • Data backup plan and disaster recovery plan – Required 

Physical Safeguards

  • Facility access controls – Addressable
  • Workstation use and security – Required
  • Device and media controls – Required

Technical Safeguards

  • Access Control – Required
  • Audit Controls – Required
  • Person or Entity Authentication – Required
  • Transmission Security (specifically encryption) – Required

We offer HIPAA Compliance Protection through our TFIT - Totally Flexible IT - plan which addresses all of these issues as well as an included annual Risk Assessment.

Interested in Learning More?

Contact us for a FREE compliance mini-assessment.