BEAVERTON, Ore., July 21 ID Experts((R)), the leader in data breach prevention and remediation, today announced Breach Prevent for Healthcare, a customizable set of services designed specifically for healthcare organizations to easily and cost-effectively comply with the new HITECH Act privacy regulations.
The HITECH Act expands HIPAA's privacy rules with specific data breach notification requirements - that will be enforced as early as September 2009 - for compromises involving protected health information (PHI). Enforcement could result in increased and sometimes mandatory penalties with maximum fines ranging from $25,000 to as much as $1.5 million. And HIPAA's reach now extends beyond healthcare organizations to cover business associates including billing services, collection agencies, accounting firms, and others that provide services to the health care industry. Adding to the complexity, the new HIPAA requirements generally do not preempt state law, meaning that health care providers could be required to comply with both HIPAA's data breach notification requirements as well as state notification laws.
"Fully complying with HIPAA and the HITECH Act is a complex undertaking. An organization that fails to achieve full compliance and, as a result, suffers a data breach could face substantial imputed and out-of-pocket costs, class action litigation, and enforcement actions by state or federal authorities," said Philip L. Gordon, chair of Littler Mendelson's Privacy and Data Protection Practice Group. "Companies that take proactive measures including, when needed, resorting to resources with extensive expertise in privacy, compliance, and breach response could help minimize the risk of a security incident and the associated costs."
Regulations aside, a data breach can hurt an organization's credibility and can carry huge medical and financial risks to the people whose data is lost. Breach Prevent for Healthcare can help organizations review all aspects of PHI security and data breach readiness, including:
"Meeting the HITECH privacy requirements is a challenge and we have learned firsthand where healthcare organizations need help," said Bob Gregg, CEO of ID Experts. "Organizations need to take a comprehensive approach to protecting PHI for the well being of their business and their patients, from risk assessment, to protection and security measures, to having processes and planning in place. Our experience working through hundreds of data breaches can offer tested solutions for the healthcare community."
Availability and Pricing
ID Experts' Breach services and offerings are already in use by hundreds of major U.S. corporations, healthcare organizations and government agencies. Breach Prevent for Healthcare is available immediately. For more information, please visit http://www.idexpertscorp.com/breach/prevent-healthcare/ or call ID Experts at
About ID Experts
ID Experts provides data breach solutions, risk assessment, forensic investigation and fully managed victim identity restoration to corporations, financial institutions, healthcare organizations and government agencies. As a leader in data breach prevention and remediation, the company has managed hundreds of data breach events, protects millions of individuals from identity theft and authored the Identity Crime Victim's Bill of Rights. ID Experts is actively involved with industry organizations including ANSI/Identity Theft Prevention and Identity Management Standards Panel, International Association of Privacy Professionals, Internet Security Alliance, and the Santa Fe Group. For more information, visit http://www.idexpertscorp.com/.
-- HITECH Compliance. Ensures initial and ongoing compliance with the data breach regulations of the HITECH Act. This service also monitors any future policy changes to help organizations maintain compliance. ID Experts manages all of the notification, logging and reporting requirements. -- Breach Risk Assessment. The Risk Assessment is performed by International Association of Privacy Professionals (IAPP) certified experts who assess the organizations' PHI and Personally Identifiable Information (PII) assets, policies and processes to identify applicable privacy requirements and data breach risks. -- Breach HealthCheck(TM). The Breach HealthCheck (also announced today) measures and demonstrates a company's exposure to data breach by comparing characteristics of data held, level of protection and business impact. A Breach Protection Index is developed both pre-assessment as a baseline and post-assessment to measure any changes as a result of the assessment and mitigation efforts. The Breach Protection Map provides a visual depiction of an organization's Breach Protection Index. -- Incident Response Plan. Experts will develop a customized Incident Response Plan that will provide a well-defined, organized approach for handling any potential threat to protected data as well as an action plan for responding to a data breach. -- Breach Respond. If a data breach occurs, ID Experts is ready to respond quickly with a customized plan in place. The response service includes notification letters, experienced call center staff, customized web site, identity theft protection packages and identity theft recovery.
SOURCE ID Experts