HIPAA Security Risk Assessments, HIPAA Consulting Services and Training
HIPAA is daunting. Petronella Technology Group (PTG) can help. PTG understands that you are in business to help your patients feel better, and so are we. With our portfolio of HIPAA compliance and security products, we diagnose and treat cybersecurity, the same way you diagnose and treat your patients. We help your patients feel better about the security of their Personal Health Information (PHI and ePHI) while you help your patients feel better about their health. And just like you, PTG customizes the HIPAA services we provide based on the needs of your practice. We know that there is not a “one-size-fits-all” solution to HIPAA compliance. We are a small business and we take pride in the fact that we really get to know your needs and the needs of your office. We offer a free consultation in order to find out what is relevant to you and your practice, and offer a personalized solution in our suite of HIPAA Compliance products.
PTG Comprehensive HIPAA Compliance Packages
You have absolutely no real clue where to start on your road to HIPAA compliance. After all, you got into the medical field to help your patients feel better, not worry about cybersecurity, right? Don’t worry. Not only are you not alone but this describes the vast majority of medical practices, and we are here to help! You’re a new practice (or at least new to HIPAA Compliance) and you have no idea where to even start. Lucky for you, we do! With these in-depth, comprehensive HIPAA-Compliant packages, that allow us to do most of the work while you focus on the health of your patients:
PTG’s HIPAA Complete Plan
Petronella Technology Group (PTG) knows HIPAA. It’s a confusing maze, but we’ve made it to the other side and we now know HIPAA inside and out. Which is why we can not only offer you a COMPLETE solution to HIPAA compliance, but we most medical practices HIPAA compliant in 12 months. Run from anyone who promises IMMEDIATE HIPAA compliance.
Because if they tell you they can, then it’s clear they don’t understand the layered, complex nature of HIPAA, and they will lead you to disaster. To implement HIPAA completely and correctly, you must tackle it layer-by-layer. Once one layer is cleared, a door opens to the next one, allowing you to weave yourself through the maze and come out on the other side alive to tell the tale. While we do offer a la carte solutions, you would be wise to tackle HIPAA head-on. Or should we say, let us tackle HIPAA for you. Our typical plan of action consists of the following:
Month 1: Regulatory Compliance
Month 2: What Does it Take to Comply With HIPAA?
Month 3: Jobs to Be Done
Month 4: Security Controls
Month 5: Important Policies and Procedures
Month 6: HIPAA Security Awareness Training
Month 7: HIPAA Security Awareness Training (Continued)
Month 8: Risk Assessment Overview
Month 9: Compliance Services
Month 10: Remediation
Month 11: Remediation (Continued)
Month 12: HIPAA Compliant and Peace of Mind
PTG’s HIPAA Complete for Startups and Entrepreneurs
HIPAA Compliance: Simplified. You started a new, small practice and have so much more to worry about than hackers, ransomware and cybersecurity. When you purchase PTG’s Complete HIPAA Compliance for Startups and Entrepreneurs, you will receive:
The PTG Complete HIPAA Compliance Toolkit which includes:
- 18 Customized Policies and Procedures ($4,950.00 value) to comply with HIPAA regulations
- 18 Security Policy videos
- Valuable Templates, including:
- Sample Business Associate Agreement (BAA)
- Sample Notice of Privacy Practices
- HIPAA Forum access at hipaadefense.com
- HIPAA Handouts
- HIPAA Regulatory Updates
- Threat, Vulnerability & Exposure Landscape
PTG’s HIPAA Security Controls Package with:
- Pre-configured hardware firewall, monitoring and management
- Pre-configured wireless wifi, secured and encrypted
- Next Generation Anti-Ransomware/Anti-malware protection for PC endpoint devices
- Remote Monitoring for PC endpoint devices
- Encrypted DNS filtering
- Lifetime warranty on hardware
PTG’s HIPAA Security Training for employees:
- Ongoing HIPAA Security Training
- Engaging Training Videos
- Compliance Testing
- Employee Certificates
- Administrator Training Reports
- New Hire Training
- Security Reminders
- 12 Months Use of Compliance Portal
- Employee Access to Security Policies and Procedures
Did you think that was it? PTG makes sure that we cover all your cybersecurity bases. If everything mentioned above wasn’t enough, you will also get:
- Business Associate Tracking
- Security Incident Module
- Server Room Access Tracking
- Disaster Recovery Plan Storage
- Articles and Reference Materials
- Contracts and Document Storage
- $250,000 Cyber Insurance* that covers:
- HIPAA Breach Expenses
- HIPAA Fines Coverage
- PTG Annual HIPAA Readiness Security Risk Assessment ($25,000+ Value)
- PTG Website Penetration Test and Gap Analysis with a remediation plan ($40,000+ Value)
- Live Risk Assessment Interview (Online Meeting)
- Live Risk Assessment Review (Online Meeting)
- Additional Security Recommendations
- HIPAA Compliance Snapshot
- Executive Summary Report
- Detailed Findings Report
- Threats Analysis / Risk Determination
- Annual Comprehensive 3rd Party HIPAA Security Risk Assessment ($25,000+ Value) - Satisfy MACRA/MIPS Promoting Interoperability Requirements. Final annual deliverable is a PDF showing your HIPAA security certificate of completion that can be shared with vendors.
PTG’s HIPAA Toolkit
Turn-key. One-stop-shop. All-inclusive.
PTG’s HIPAA Tool Kit is designed to help providers meet all HIPAA rules and regulations; this all-in-one package is an ideal resource for covering all your HIPAA compliance needs. It includes everything your business needs to reach that elusive goal of HIPAA compliance:
- 18 Policies and Procedures ($3,950.00 value) to comply with HIPAA regulations
- Private, Consultative webinar/training ($350.00 value)
- Staff training kit ($400.00 value)
- One month of live, Q/A, compliance roundtables ($99 value)
- HIPAA/Cybersecurity Blog, Forum and FAQ Access
- HIPAA/Cybersecurity Handouts (One-Pagers, Quick Guides)
- Regulatory Updates
- Threat, Vulnerability & Exposure Landscape
- PTG HIPAA Value Packs
We here at PTG understand that while some practices feel like it would be best to dive-in head-on into the pool of HIPAA compliance, the temperature may be a little too cold for others, who would prefer to slowly ease into the HIPAA water, instead. Sometimes the time and/or price commitment of total HIPAA compliance can be restrictive for the newest and/or smallest practices, and you may prefer to start small. That’s why we offer our “Value Packs,” instead. These will set you on the road to HIPAA compliance but will allow you to do so at your own pace.
PTG’s HIPAA Essentials Security Checkup
Today, more than ever, it is vitally important that your practice is HIPAA-compliant, regardless of the size of your company. Which is why we are offering you these valuable services at an unbelievably low price:
- Provides you with a bird's eye view of the current cybersecurity landscape
- Identifies vulnerabilities that need to be remediated
- Gives you a personalized blueprint for fixing the gaps in HIPAA compliance
- Reviews over 23 technical points related to your digital marketing, website and SEO, to uncover issues with your current marketing plan so you can learn how to win new clients
- Gives a bird's eye view of your current marketing landscape by creating a detailed report that examines exactly where your business is today
- Provides you with a personalized blueprint showing you the exact steps needed to get your business on track to attract new patients
PTG’s HIPAA Encrypted DNS Network Security Suite
What is a DNS and why should it be encrypted? A Domain Name Server (DNS) is what translates your website’s numerical address (which is called your IP (Internet Protocol) address into letters and words so that your website name can be memorable and identifiable. Protecting it is important because when your DNS settings are not working and/or set to default, you are vulnerable to cyberattacks AND performance issues, which is horrible for you AND your customers' experience.
PTG’s HIPAA Encrypted DNS Network Security Suite keeps your DNS safe and protected, all with HIPAA compliance in mind.
PTG HIPAA Assessments
Some people prefer to merely dip their toes into the complex body of water that is HIPAA compliance, as opposed to becoming fully submerged. Which is why we offer an assortment of assessments. The first step to becoming HIPAA compliant is knowing exactly where you stand. The only way to figure out what you need to do to become HIPAA compliant is by conducting an assessment:
- Reviews over 23 technical points related to your digital marketing, website and SEO, to uncover issues with your current marketing plan so you can bring new patients through your door, all while maintaining HIPAA security controls.
- Gives a bird's eye view of your current marketing landscape by creating a detailed report that examines exactly where your business is today.
- Provides you with a personalized blueprint showing you the exact steps needed to get your business on track to attract new patients.
PTG’s HIPAA Essentials Security Checkup
PTG has 21+ years of real world cybersecurity and IT experience. During our HIPAA Essentials Security Checkup we will:
- Give your company a bird's eye view of the current landscape
- Identify vulnerabilities that need to be remediated
- Provide you with a blueprint to HIPAA compliance, specific for your business
THE VALUE OF A SECURITY ASSESSMENT AND AFFORDABLE REPORT CANNOT BE OVERSTATED. The most devastating compromises are rarely enabled by the kinds of problems that vulnerability scanners and bug bounties will uncover.
Threat Focused Security: Cybercriminals want your data and we know exactly how they're going to get it. Understanding real world threats is our expertise. Most vulnerability assessments focus on your web application and your network, but these are not always the biggest threats to your security. Your practice benefits from our HIPAA Essentials Security Checkup with increased security awareness. It provides you with in-depth, actionable reporting and analyses which provide practical solutions to your security deficiencies and will help facilitate your cyber-planning going forward. After the HIPAA Essentials Security Checkup, you will clearly understand where the vulnerabilities of your systems lie and where you are most likely to experience attacks. You will also see, beyond the shadow of a doubt, if your existing defenses are adequate for protecting your organization against viable attacks or if you are rife for a cyberattack. Your high-risk vulnerabilities will be exposed. The most important benefit is that the knowledge gained will help both management and staff to see the “Security Reality.” It will dispel myths commonly held by organizations with internally mentioned comments like:
- "It couldn't happen to us."
- "We don't have anything worth taking anyway."
- "Our system are adequately protected by our firewalls."
Get started on your peace of mind today! Call 919-422-2607!
PTG’s HIPAA Mini Assessment
HIPAA compliance does not equal HIPAA complacency. You can’t “set it and forget it.” There are new risks, threats and vulnerabilities popping up regularly and you can’t just rest on your laurels. Not only would that make your patient health information (PHI/ePHI) vulnerable, but it also would put you at risk for HIPAA fees and violations. But not to worry! Let us do the work for you. PTG’s HIPAA Mini Assessment satisfies MACRA/MIPS (promoting interoperability requirements) but it also provides your practice with:
- A “Live Risk Assessment Interview” (Encrypted via Zoom with Review)
- An annual review of your “Security Policies and Procedures”
- 12 Months use of Secure Compliance Portal
- $250,000 of Cyber Insurance for HIPAA Breach and Fine Expenses
You worked really hard to become HIPAA compliant. A little bit of maintenance goes a long way towards staying HIPAA compliant.
PTG’s A La Carte HIPAA Menu
Although it’s rare to find, your practice may just have this HIPAA thing mostly under control. Perhaps you have your own IT department with plenty of experience in HIPAA compliance, or maybe you yourself are a HIPAA-wizard! Regardless, we are here to help you fill any gaps in your HIPAA compliance. Whether it be employee training that’s needed, or you just need secure backup and storage for your PHI, PTG has you covered! (PLEASE NOTE: The following products are not a replacement for HIPAA Compliance. If you are looking for an all-in-one HIPAA Compliance solution, please see the PTG Comprehensive HIPAA Compliance Packages)
PTG’s HIPAA Monthly Subscription
We are here to hit you hard with reality: HIPAA Compliance is not a crockpot meal…. Unfortunately, you can’t just “set it and forget it.” In order to remain compliant, your practice must stay up-to-date on the latest regulatory updates, enforcement actions and cyberthreats. How do you do that without spending all your time worrying about HIPAA? By letting PTG do the worrying for you!
With PTG’s HIPAA Monthly Subscription, you will receive:
- Our informative monthly newsletter
- Full access to our HIPAA Toolkit Blog, HIPAA Defense Forum and HIPAA FAQ
- Regular handouts to easily share the information with your employees, including (but not limited to):
- HIPAA PHI Flyers
- Office posters
- Brochures
- Regulatory updates
- PTG’s HIPAA Training Materials
We understand that while your employees are your medical practice’s most valuable asset, they are also you’re biggest cybersecurity liability. After all, Phishing emails don’t click themselves. With PTG’s HIPAA Training Materials, we can help you mitigate that risk. Robust and comprehensive, PTG’s HIPAA Training Materials can be used for initial, annual, or new training. The materials are easy-to-follow and include:
- Quizzes
- Scorecards
- Presenter notes
- Checkpoints
- Post-assessment
PTG’s HIPAA Live Webinar Training
You’ve got HIPAA questions? We’ve got answers! PTG’s HIPAA Live Webinar allows you and your staff to schedule a confidential, live initial HIPAA Compliance Webinar with Craig Petronella (a certified HIPAA Compliance & Cybersecurity expert) on a date and time that works best for you and your staff… All from the comfort of your own practice. No need to for excess travel expenses! PTG’s HIPAA Live Webinar saves you time and money while getting your employees up to speed on HIPAA Compliance.
PTG’s HIPAA Policies and Procedures
While most practices would rather focus on the health of their patients as opposed to the health of their cybersecurity, we know that some offices may be up to that challenge, and we are here for that.* PTG’s HIPAA Policies and Procedures is a customizable map that will help lead your practice to self-guided HIPAA compliance. It is compliance with current regulations, including HIPAA's:
- Privacy Rule
- Security Rule
- Enforcement Rule
- Breach Notification Rule.
- Omnibus Rule
Individual policies include, but are not limited to:
- Notice of Privacy Practices
- Use of PHI for TPO
- Third Party Disclosures
- Authorization for Use or Disclosure
- Tracking Logs
- Covered Entities and Business Associates
- Breaches and Breach Risk Assessment
PTG’s HIPAA Video Training
Different people learn in different ways, which is why we created a video to help with HIPAA training. PTG’s Online HIPAA video training for your medical practice by Craig Petronella, an internationally trusted IT cybersecurity and HIPAA compliance expert.
PTG’s HIPAA Training Updates + Support
HIPAA compliance is like a great haircut… It looks fantastic in the beginning, but you need regular maintenance to keep it healthy and looking its best. With PTG's HIPAA Training Updates + 24/7 Support, you will get the support you need to answer ongoing staff questions, update you on the ever-increasing sophistication of cyberthreats and give you 24/7 support for the learning management system.
PTG’s HIPAA Compliant Secure File Sync + Storage
Did you know that 70% of companies that suffer a critical data loss go out of business within 12 months. Are you willing to take that risk with your practice? Power up your medical office with PTG’s HIPAA Compliant Secure File Sync + Storage.
This secure, HIPAA-compliant cloud storage solution provides your practice with the following:
- Individual License for each user in your team
- Up to 1TB of space. Simply Change Quantity for more storage in increments of 1TB.
- Unlimited file recovery and versioning
- Managed file sharing for internal/external parties
- Multiple folder backup (Documents, Desktop, Pictures, etc.)
- Granular user-access and security controls - Set strict usage and access policies at company and user levels.
- Infinite Revision Capture - Restore deleted or changed files from as far back as you need.
- Data storage to any data store type (NAS, on-site server, remote server etc.)
- Universal file access; sync across stationary and mobile devices
- Active Directory integration
- Revised file backup
- Windows, OSX, and Linux agents
- Rapid deployment (10-minute server setup, 5-minute onboarding)
- Continuous, real-time backup
- Custom deleted file retention periods
Not only is it extremely secure, but it is also user-friendly with an intuitive central dashboard:
- Centrally administered, multi-tenant dashboard
- Comprehensive usage reports
- Unlimited user scale
- Agent, web, and mobile applications (iOS, Android) - Freedom to access files from anywhere.
- Smart alerting system for data usage
AND our cloud service exceeds industry standards with professional-grade security:
- 448-bit Blowfish encryption, on device and in-transit
- Encryption key management
- Remote wipes of desktops and devices
In Conclusion...
As you can see, the road to HIPAA compliance is long, winding and different for every medical practice. You can choose to sprint or walk. Take it all at once or break it up into sections.
Regardless of what you choose, Petronella Technology Group has a solution that will fit your practice. Contact us today for a free consultation. Don’t wait until you’ve already been compromised. Remember a half-an-ounce of prevention is a lot less costly than a pound of cure.