HIPAA Compliance Methodology

Our Difference

StoneHenge Partners Offers:
• Flexible approach with proprietary methodology
• Experienced HIPAA healthcare resources
• Certified BCP planners
• Awareness program
• Proven planning tools

Mentoring Program

The StoneHenge HIPAA Mentoring Program provides HIPAA experts who can help guide your organization's HIPAA compliance efforts. The program enables you to select the level of support you need to bring your organization into compliance. More.

Rock-Solid Approach to Healthcare Records

A major challenge facing businesses in the healthcare industry is HIPAA, the Health Insurance Portability and Accountability Act of 1996. Some of the impacts of this far-reaching regulation are:

Dramatic changes in the legal and regulatory environment for managing patient medical records.
Standardization of information technology to improve the quality of care and reduce administrative costs.

StoneHenge Partners can provide the strategic and technical resources to help guide your organization through the entire HIPAA compliance process. Using a phased-approach methodology, we can provide a turnkey solution or consult with you to develop a customized workplan that fits your particular needs.

Our proprietary compliance methodology includes three key phases:

A no-cost project proposal that includes a high-level review of your current environment and a scope of work.
A proven, tested assessment process to ensure all key areas are examined, gaps are evaluated, and risks are prioritized.
A phased, customized implementation process that includes four key areas of compliance.

The process also provides a complete audit trail, demonstrating due diligence in the event of future audits.

How We Can Help

1. Proposal

To introduce you to our process, we present our proprietary compliance methodology, explaining tasks to be completed.

Then, to set the scope of assessing your HIPAA compliance, we interview key people to compile a high-level inventory of your business operations.

Finally, we present a Project Charter that includes the scope of work, assumptions and constraints, deliverables, effort and cost. There is no charge to discuss your needs and prepare this proposal.

2. Assessment

A successful compliance implementation begins with a thorough and accurate assessment of your current business operations and IT environment. Here are a few of the items in a StoneHenge Partners assessment:

Chain of Trust Agreements
Business Continuity Plan
Patient record management
Patient information privacy procedures
Internal security audit process
Personnel and staff security
Security configuration management
Security incidents procedures
Security management process
Security awareness training
Computer systems and network design
Electronic Data Interchange compliance

For each area, we compare HIPAA regulations to your current compliance; rate the gap, if any, and the risk; and recommend a plan of action. From this gap analysis, we develop a prioritized implementation workplan.

Our assessment allows you to present estimated implementation costs of HIPAA compliance to senior management. It also allows you to determine the resources necessary for each phase of implementation, so you can decide which phases to handle in-house and which to out-source. Finally, it provides an audit trail of due diligence in case of future actions.

3. Implementation

StoneHenge Partners can guide you through any or all phases of implementation. Key areas are:

EDI compliance—in-house developed or third-party package
Security compliance—IT systems, physical systems, policies and procedures
Business continuity plan—patient records only or enterprise-wide
Privacy compliance—policies and procedures and staff training

Throughout implementation, StoneHenge Partners delivers expert staff, effective communication and thorough documentation to ensure the success of your project. After compliance is implemented, we can provided ongoing compliance auditing, maintenance and support.