Healthcare Information Technology
Managing a medical practice is a constant challenge, even more so in today's competitive environment. With high overhead, high traffic and high pressure, medical records and EMR software have become essential to today's medical offices.
Center for Computer Resources is committed to providing comprehensive Health Information Technology (HIT) consulting services to our clients. We have dedicated resources to assist you in meeting the challenges of todays healthcare standards, while continuing to offer quality care to your patients. We focus on HIT combined with provider-patient quality care using successful, evidence-based processes to develop accurate, comprehensive and reproducible reporting. Our objective in offering these services is to provide you with current and reliable information, delivered to you, in a professional and efficient process designed to meet government compliances and revenue generating programs.
Contact CCR today to discuss our services such as:
- Meaningful Use Measure Review
- Review of current workflow and processes to identify deficiencies and inconsistencies
- Document process improvements to increase percentages
- Public Health Measure submission information
- Provide sample of audit request and documents
- Review required audit documents
- Discuss hypothetical audit submission process
Audit Process and Submission Support
- Review deadline dates and set up timeline for document preparation
- Review provider specific request for pre or post-payment audit information and measures
- Create custom audit submission zip file of all request documents
- Provide documentation of submission with dated receipt and auditor information
SRA SAQ to include:
- Provide Practice Specific Security Risk Analysis-Security Assessment Questionnaire
- Upon client completion of SAQ, documents submitted to CCR will be reviewed
- Testing of practice system/network will be completed. Results and remediation recommendations will be provided
- An HIT Consultant will be available to guide the practice through each step of the SRA process. The Consultant will review and document any/all security history which includes: HIPAA, incentive programs and IT reports. Following documentation, the consultant will assist in developing strategies and processes to achieve remediation in compliance with CMS mandates
Meaningful Use (MU):
- Documentation and finalization of CMS HITECH Act and HIPAA Omnibus Final Rule revisions to the Privacy and Security rules
- CMS Modifications between each Stage
- Core, Menu and Clinical Quality Measure documentation and review
- Analysis of measure percentages
- Develop and modify practice process and/or workflow to successfully achieve MU
- How to document MU for successful attestation
- Determine if an interface is mandatory or optional
- Explanation of compliance, documentation and possible public health interface requirements
One-time HIPAA Compliance Package
- Not every HIPAA-Covered Entity or Business Associate knows that they are required to have a risk assessment performed, and some that do know may have limited resources to invest in their patients' (or their own) protection. For these organizations, we can offer a One-Time HIPAA Compliance package. This package will include all of the documents automatically organized and prepared by the module, including: The HIPAA Policy and Procedures Document, the HIPAA Risk Analysis, the HIPAA Management Plan, and the Evidence of HIPAA Compliance. These core documents, along with all of the supporting documents constitute a core offering and CCR will help you meet your responsibility of having an audit conducted.
HIPAA Assessment & Remediation
- Conducting a comprehensive Risk Assessment is one thing, but that really should not be the "end" … but a "means" to the end. Our assessment is more-than-likely going to uncover a number of issues that need to be addressed. Some of these issues may be nothing more difficult than training an employee to update passwords. But others could be much more serious and involved, like changing the data back-up and recovery program. Our HIPAA Compliance tool will provide a Risk Score Matrix that will prioritize the work that should be done based upon potential impact to the business and likelihood of occurrence. As our client you will need to engage CCR in a Remediation Project that will address those issues that carry the highest risk, and highest fines.
Managed Compliance Service
- Organizations are not static, nor are their networks. New computers, software, mobile devices, equipment and files are continually being added onto the network throughout the year. And even with a relatively stable IT environment, most organizations' employees come and go, and change positions within the organization at a regular rate. The HIPAA assessment you perform today has a "shelf-life." How long that is really depends on a number of factors, including the type of the business, size of the organization, and speed of change. Best practice is to have a HIPAA assessment performed at some regular interval (but no less than once a year as required by law) to ensure that the organization is not only compliant at the time of the Risk Analysis – or upon completion of the follow-on remediation project – but that it REMAINS compliant at all times. After your initial assessment and remediation project is complete, we can set you up with a schedule of periodic re-assessments, which we call Monthly Risk Profiles, to ensure continued on-going compliance.