Peter Radizeski is Founder and President of RAD-INFO INC. He is an accomplished blogalyst, speaker, author and consultant. He has helped many service providers with sales training, marketing, channel development and business strategy. He is a trusted source of knowledge about the telecom sector. His honest and direct approach makes him a refreshing speaker.


Do You Provide Service to Healthcare?

September 23rd was a big day last year (2013). It was the day that HITECH privacy and security rules went into effect for the US Healthcare system. Not just healthcare providers and payers but their service providers must be HIPAA and HITECH compliant.

The new rules are from the Health Information Technology for Economic and Clinical Health (HITECH) Act, which was actually passed as part of the ARRA Recovery bill. These rules re-define what a Breach is; define what a Business Associate is; and explain how to be compliant on Privacy and Security.

One expert I spoke with, Tim Rearick at University of North Florida, said that these rules for privacy and security are nothing more than best practices for the industry that should have been in place already. Since many have not had to comply until now, many companies have not installed these practices, which include written policies and procedures; formal controls; and formal Disaster Recovery plans. The time, effort and expense to comply are nothing compared to the result of an audit by the Office of Civil Rights.

The OCR has fined Wellpoint $1.7 million; and Cignet Health of Prince George’s County, MD $4.3 million, just to name 2 incidents.

The Security rules were written to address every size organization, says Rearick, from the one-or-two physician office to Mayo Clinic and Blue Cross. They had to be generic, technology neutral and scalable – and they had to be non-specific because technology changes fast.

What does this mean for you?

As a service provider of efax, voicemail, data storage, or even file-sharing (like Sharepoint), you will need to be compliant with the HIPAA and HITECH rules plus supply a Business Associate Agreement to the healthcare company.

Huh? Why? eFax stores the document before it makes it a PDF – and usually after as well. Sharepoint and any document file-share or data storage service can have electronic PHI (protected health information). Voicemail also can contain ePHI. As a provider of such services, you have to be compliant and supply the healthcare org with a BA Agreement that spells out the role and responsibilities of each party. HITECH extended this privacy and security responsibility to all service providers.

If you have questions, I suggest you speak with a healthcare compliance officer or a HIPAA expert.

Some good info: HealthIT.gov

HIPAA Survival Guide video

Peter Radizeski is a telecommunications consultant and analyst with RAD-INFO INC. Service Providers have called on RAD-INFO INC for assistance improving sales, managing online marketing efforts, channel sales enablement and overall company strategy. Contact RAD-INFO INC at 813-963-5884 or https://rad-info.net
