Image
image
image
image

MEDco Asset Audit Control (MAAC)
January 10th, 2008 CynergisTek, the computing and security consultant, reported on its blog recently that HIPAA compliance audits will be increased this year, thanks to a contract the government signed with PriceWaterhouseCoopers...see full article here

September 22, 2008 Surprise audits? Unannounced reviews? Predictions of a more aggressive effort by the Centers for Medicare & Medicaid Services (CMS), the Office for Civil Rights (OCR), and the Office of Inspector General (OIG) to enforce compliance with HIPAA security and privacy rules abound. Lately, the media has been abuzz with talk about new tactics that are being rolled out by Health and Human Services (HHS) to ensure HIPAA compliance from healthcare organizations and the industry is taking notice.

October 20, 2008 As consumers become more aware of privacy issues, some experts are warning healthcare organizations to expect greater scrutiny, while others suggest that new efforts still don’t address the bigger picture. This July marked a milestone in the HIPAA saga. For the first time since the privacy and security rules were enacted, a covered entity was required to pay a fine. Seattle-based Providence Health & Services agreed to pay a $100,000 fine.

The additional HIPAA Security rule published on February 20, 2003 requires healthcare organizations create policies and procedures to apply the security requirements of the law - and then train their employees on the use of these policies and procedures in their day-to-day jobs.

HIPAA rule creates specific requirements regarding creating, implementing, or changing policies and procedures: "Standard: Policies and Procedures -- A covered entity must implement policies and procedures with respect to protected health information that are designed to comply with the standards, implementation specifications, or other requirements of this subpart. The policies and procedures must be reasonably designed, taking into account the size of and the type of activities that relate to protected health information undertaken by the covered entity, to ensure such compliance. This standard is not to be construed to permit or excuse an action that violates any other standard, implementation specification, or other requirement of this subpart."

  • In order to achieve HIPAA compliance, health care organizations must audit the number of computers in their inventory, where they are assigned, who is logging into them, software installed and each computer's physical location. Recent studies show that most organizations can locate only 60 percent of their mobile computer assets.

  • The MEDco Asset Audit Control software is designed to provide you with a simple system to improve your control over your companies physical assets such as hardware, desks, closets, cabinets, drawers - anything that could contain HIPPA sensitive material. The increased vigilance this application allows you to take increases control of these vital assets and provides you with documented due diligence. HIPPA compliance is complicated; MAAC is a tool that helps you get there. MAAC is excellent for audit purposes, inventory control, providing reports, and an immediate trail of monitoring efforts, with dates and identities at the push of a button. With HIPPA compliance enforcement and audits only increasing,now is the time to put in a proactive control system and get it working - not when you get notified of next month's audit!

  • Other advantages of this system: photo and record documentation for insurance and warranty requirements, damage and theft resolutions, inventory and equipment accounting to name a few. Your physical assets are part of what makes your company function, and their correct control and maintenance is reflected in the bottom line, something that MAAC helps you achieve from day one. Its intuative screens, with on the fly instructions, context sensitive help and clear text allow you to get up and running in short order. Additional instructions with screen shots and more in depth application are available in the included manual, indexed to pinpont what you need,when you need it by pressing F1.

  • With the recent contracting of Price Waterhouse to increase compliance enforcement for the Goverment, now is the time to act. Start by downloading the free 30 day trial version of MAAC using it right away. You have nothing to lose but worry!

    Click image for closeup view Click image for close-up


    Click for close up view The Inventory Window
         IMAGE 1-1: This is the main inventory window. Notice the HIPPA section. Use this to indicate if this asset involves HIPPA material like a patient file. A file cabinet that stores patient files is HIPPA sentive. A receptionist desk would not. Later, generate a report that would include or exclude HIPPA sensitive assets. Thus, before an audit is due, print non-HIPPA sensitive report and then inspect each. Like ensure that a patient file is not in the middle drawer of the receptionist desk.


    Click for close-up view Inventory Report Options
         IMAGE 1-2: This is a close up of different report options available to you.


    Click for close-up view Sample report
         IMAGE 1-3: This is one page of a sample report. Notice the image of the item appears on these reports.




    Go to top of page


    image


    		•  image
    image