What features in MS2 help organizations achieve HIPAA Security compliance?
HIPAA Security compliance requires covered entities to establish a security program for electronic protected health information and to conduct routine risk assessments that evaluate a covered entity’s security needs. The risk assessment should, at a minimum, consider how the entity’s security safeguards address 42 specifications found in HIPAA’s security rule.
MS2, based on simple, comprehensive question-and-response logic, can provide the basis for HIPAA’s required security program and risk assessment. It automatically:
- Documents security policy and procedures
- Performs security risk assessments in relation to HIPAA’s 42 specifications as well as other security needs
- Prepares a security gap assessment
- Develops a solution set to address gaps for required HIPAA standards and specifications
- Develops rationales, as required by the rule, for specifications not addressed
- Contains a Compliance Tracking Center that identifies Action Plan Status of planned and updated security controls
- Contains a reporting and archiving center
- Security policies and procedures
- Risks assessments
- Provides for future assessments and updates
- Provides tools for tracking business associate compliance
- Contains a Best Practice and Solution Resource Center
|
