Caris Consulting, LLC | Project Manager
Caris, an advocate for your business and team leader to meet your objectives. (920) 639-6615.
Covered Entity Responsibilities
Covered Entities are defined as:
-
A health plan.
-
A health care clearinghouse.
-
A health care provider who transmits any health information in electronic form in connection with a transaction covered by this subchapter. (Health Insurance Portability and Accountability Act of 1996).
Covered Entities have responsibilities to be compliant with all components of the Health Insurance Portability and Accountability Act of 1996 (HIPAA). The responsibilities include activities such as, but not limited to:
-
Caris can supplement your compliance staff or act as your compliance official on behalf of your organization.
-
Caris can develop a training program that can be used for your annual training or training to new employees.
-
Caris can conduct the Risk Analysis necessary to determine the effectiveness of your current controls, policies and procedures.
-
Caris can review or create the policies and procedures necessary to integrate the compliance requirements into your daily operations and practices.
-
Caris can review or modify your current Notice of Privacy Practices to include the necessary Omnibus Final rule material changes.
-
Caris can review your current Business Associate Agreements, modify or revise the agreements or manage your Business Associate relationships.
-
Caris can identify the satisfactory assurances you may choose to request of your Business Associates
-
Caris can document the compliance process, remediation and implementation plan needed for maintaining ongoing compliance.
-
Caris partners with reputable Technology firms to bring compliance and technology together to meet compliance responsibilities and objectives.
Personnel designations for a Privacy and Security Official
Safeguading Electronic Protected Health Information (e-PHI)
Training all workforce members and executives on policies and procedures
Create and implement policies and procedures
Conduct the annual Security Risk Assessment
Create, distribute and make available the organization's Notice of Privacy Practices
Obtain written satisfactory assurances (Business Associate Agreements)
Meet the documentation requirements for compliance activitites, policies and procedures