What is HIPAA Compliance as a Service?

A Tale of Two Office Managers

It’s mid-afternoon on a beautiful Friday. The last patient is wrapping in Op 3 as you sit down and open the mail before a relaxing weekend. That’s when you see it: a letter from the Department of Health and Human Services’ Office for Civil Rights.

“This is strange,” you think. “We’ve never gotten a letter from them.”

You open the letter only to discover that it’s the start of a HIPAA audit. Your stomach drops.

The letter has instructions on how to respond, a timeline for submitting the required documentation, and an outline of the scope of the audit. They want a copy of your policies and procedures, evidence of training, and a copy of the most recent risk assessment. The deadline is only 10 days away! There’s no way you can pull all that together that fast!

“When was the last time we did training?”

Your thoughts are running a thousand miles an hour.

“Did we train the new hire we made a few months ago? When is the last time I even touched our policies and procedures? Was it in a binder in the filing cabinet or on the shelf in my office? Did I skip our last risk assessment because we were down a front desk person and I had to cover the phones?”

You stare at the letter.

“So much for my relaxing weekend,” you mumble as you trudge back to your office with the letter in-hand.

Now, this is your story after you chose Allevia Technology’s HIPAA Compliance as a Service offering.

It’s first thing on a Monday morning, and the office is buzzing! You had an emergency call for a toothache as soon as you unlocked the door this morning, and it hasn’t stopped since then. You finally take a breath and head outside to the mailbox to get the mail from over the weekend.

While thumbing through the letters on your way back inside, you see it: a letter from the Department of Health and Human Services.

“I wonder what they want?” you think.

You open it up: they’re conducting a HIPAA audit of your practice. Your stomach drops.

“Wait a second,” you pause. “This is exactly what Allevia helps us with!”

You jog back to your office, pick up the phone and call Allevia.

“I’ve got a HIPAA audit letter,” you say. “What do I do? I’ve got a packed schedule this week, and they want this information sent to them in 10 days!”

“Don’t worry about it,” says the calming voice on the other end of the phone. “Just let me remote into your computer and we’ll login to the compliance dashboard together and print out what they’re asking for. Remember when we had that meeting a few months ago? We can absolutely show the steps you took to become compliant. Even though you’re still working on a few loose ends, we can prove that you’re adhering to the policies that we reviewed.”

You breathe a sigh of relief.

“Thank you,” you say. “I’m not sure what I would have done without your help!”

HIPAA compliance is about more than just technology. Yes, tech is a piece of it; but compliance is about tracking, updating, and adhering to a set of standardized policies and procedures and conducting assessments along the way. It’s a journey, not a destination.

To find out how Allevia Technology can help you with HIPAA compliance, give us a call today at 865-686-6677 option 2 or send an email to [email protected].

Posted in
Avatar of Stefan Wilson

Stefan Wilson

Scroll to Top