Health Plan
Project Overview
A growing multi-location entity with over 150,000 employees as members of the company’s self-insured group health plan administered by the Benefits team in the Human Resource Department.
Challenges Expand- Having the confidence to know which Privacy and Security Rule regulations applied to the benefits team
- Needing subject matter experts to assess the group health plan’s level of compliance with HIPAA-HITECH
- Uncertainty as to how to update Business Associate agreements as required by the Omnibus Rule
- Developing a remediation plan to close compliance gaps and conduct periodic on-going assessments to confirm
- Established applicable Privacy, Security and Breach Notification Rule regulations through Clearwater’s Group Health Plan Requirements Determinator™
- Provided regulatory references confirming requirements
- Conducted compliance assessments using Clearwater’s Security and Privacy/Breach Notification software limiting the regulations to only those that were applicable
- Provided competent review and editing of Business Associate Agreement templates
- Resolved concerns stemming from the uncertainty of the applicable regulations
- Provided a compliance score for management oversight
- Identified compliance gaps and populated a remediation plan for prioritization and project management
- Had access to deep subject matter expertise and insight
Products & Services Employed
IRM|Privacy™ can drastically reduce – even prevent – data breaches, costly fines, penalties and permanent damage to your company’s reputation.
Given our extensive background in healthcare and specifically in Information Security, Privacy and Regulatory Compliance related services, dozens of organizations have chosen Clearwater Compliance to be their advisors.
About Clearwater
Clearwater Compliance helps healthcare organizations ensure patient safety and improve the quality of care by safeguarding the confidentiality, integrity and availability of protected health information (PHI). We have assisted more than 400 customers to operationalize and mature their information privacy, security, compliance and information risk management programs. And in the process, we are raising the bar for safeguarding PHI, protecting millions of Americans and driving real value for the organizations we support and the healthcare industry at large.