are struggling to understand the impact of The American
Recovery and Reinvestment Act or ARRA on their
compliance programs. N-Tegrity Solutions Group has
partnered with The Clayton Group to develop guidance on
interpreting the regulatory language as well as pointing
out specific changes that will be required in HIPAA
Privacy and Security policies and procedures.
to the adoption of an electronic health record in the
provider space that will meet the Department of Health
and Human Services (DHHS) standards is understanding
"Meaningful Use" and what makes up a "Certified"
software application/record. It will be critical
for providers to be able to produce
updated Privacy and Security policies and procedures.
Without this material, the Provider or Health Plan will
not be eligible for any type of incentive funding being
made available through Stimulus funds.
organizations affected by the regulatory language of the
HITECH Act, there are provisions for heightened audit activity. This, along with the increased
penalties that may be assessed to organizations, means
that all covered entities and business associate's (even
those organizations treated as a business
associate) should heed the call to make sure that
policies and procedures have been updated and the
workforce trained on the revisions.
Select the following links to review a
Contents for the document or a sample of some of the
documentation for handling
If you would like to know more about ordering this
product, please visit The Clayton Group partner
www.theclaytongroup.org. You may also contact
an N-Tegrity Solutions Group sales representative in our
Midwest operation (816.463.4736) or our East Coast
In-depth Implementation Notes: Provides
a simple and concise review of each section found within
Subtitle D of the HITECH Act within ARRA .
New / Revised Policies and Procedures:
Multiple HIPAA Privacy and Security policies and
procedures were changed because of the regulatory
language in ARRA. Working with The Clayton Group
templates for Privacy and Security, revision have been
made to the original template set or additional policies
have been constructed as appropriate.
Handy Risk Assessment worksheets: As a
part of any Security program, an accurate assessment
must be made of the potential risks associated with data
exposure. The tools provided are based on NIST
guidelines and have been used multiple times as part of
the JumpStartsm methodology program developed
by N-Tegrity Solutions Group.
Expanded Business Associate Documents:
HITECH introduced some sweeping changes for Business
Associates. You will find an updated Business
Associate Decision Tree; a sample Business Associate
Agreement with security language and a special in depth
document that examines and defines all of the Privacy
and Security requirements of the actual business
Breach Tracking Log
and Notification Letter: The breach
interim final has been released and enforcement of
unprotected/unencrypted loss of data goes into effect at
the end of September 2009. Specific requirements
for breach are covered along with forms/letters to be
used as a part of your compliance program.
High-Level ARRA Work Plan: What needs
to be done and how are you going to track it? An
operational planning document is included that can be
used as the foundation for project planning purposes.