HIPAA Risk Analysis

What is a HIPAA Risk Analysis?

The Health Insurance Portability and Accountability Act (HIPAA) was put into place to protect patients’ privacy and give them control over how their health care information is used. In the medical field, having a HIPAA plan for your practice is not enough. You must always meet HIPAA compliance regulations, or face a hefty fine and a tarnished reputation with patients. The first step to meeting compliance is to conduct a HIPAA Risk Analysis.


About the HIPAA Risk Analysis


The goal of a HIPAA Risk Analysis is to reveal the possible risks to, and weaknesses in, the integrity, confidentiality and availability of electronic protected health information (ePHI). From there, the proper safeguards can be determined to keep risk at a manageable and acceptable level.


The benefit of a HIPAA Risk Assessment is that once you know the risk level of the organization, you can decide how to lessen those risks effectively. This involves identifying the information your practice needs to protect and where that material lives and moves. Once this intelligence has been gathered, a basis for security policies to protect this data can be established.

Here are a few ways that HIPAA IT security policies can be implemented in order to avoid a severe fine for non-compliance:

Access Limitations

HIPAA requires that access to Protected Health Information (PHI) be limited to only those who are authorized or granted access rights. As more information is stored on network servers and exchanged among physicians, external partners and patients, covered parties must ensure that data cannot be revealed to snooping and malicious individuals. The system must be set up with password protection and use digital certificates so that only those who have had files encrypted for them can view the sensitive material.

Transmission Security

PHI must not only be protected while stored, but also when it is being transmitted via a private or public network. This way, the sensitive data is always secure when shared between partners, employees, patients, insurance companies and doctors. Data must be protected at the file level, and not just over communication channels.

Data Integrity

Secure information must be safeguarded not only against unauthorized viewing, but also against improper destruction or alteration. Those who do not have permission to change the information must be denied access. In addition, there must be a way for users to know if changes have been made to a document. One way to do this is to employ digital signatures on encrypted data. When a document is encrypted, unauthorized users are denied access, so they cannot edit, delete or view the information. A digital signature ensures that the document has not been changed in any way since it was originally signed. The signature will no longer be valid once the document has been tampered with.

These are some of the ways that HIPAA IT security policies can be implemented. In order to make sure you meet compliance, contact Matthijssen, where we offer HIPAA Risk Analysis, assistance creating IT security policies and ongoing maintenance to ensure HIPAA compliance. Contact us with any questions you may have about HIPAA or Risk Assessment and one of our knowledgeable team members will gladly answer all your questions.


Advancements in Health Technology Make Remote Health Care Possible

Technology has simplified so many things, including health care. In Rochester, Minnesota, a new advance that combines health care and technology has been made by a team at the Mayo Clinic. The team, which comprised members of the Division of Engineering and Technology Services and members of the Division of Cardiovascular Diseases, has been working for the past 10 years on creating devices that monitor, screen, prevent and manage disease in patients.

After 10 years, the team has created a remarkable new form of remote health care technology: The BodyGuardian Remote Monitoring System.

About the BodyGuardian Remote Health Care Monitoring System

Simply referred to as the BodyGuardian, this monitoring system is a body sensor that is worn by patients who have a history of cardiovascular disease. The device collects physiological data. The data, which is collected on a constant basis, is streamed back to physicians, allowing them to keep a close eye on valuable biometric data. This cutting edge technology keeps patients and their physicians in constant contact, which allows physicians to provide valuable care around the clock.

The BodyGuardian has been cleared by the FDA to monitor arrhythmias that are non-lethal in ambulatory patients.

How the BodyGuardian Remote Monitoring System Works

The BodyGuardian Remote Monitoring System works by performing rhythm monitoring and cardiac ECG, which is traditionally performed by large instruments in a hospital setting. The device, which is similar to a bandage, contains a small monitor that delivers information to the BodyGuardian Connect smartphone. The patient is able to be completely mobile and free to go about his or her normal activities while his or her healthcare team monitors important biometric information and cardiac rhythms.

The information that the BodyGuardian collects is delivered wirelessly to a cloud-based mHealth platform, known as the Preventice CarePlatform and PatientCare Portal. The platform collects information in real time and delivers it to health care professionals who monitor the information. Health care professionals can access their patients’ information and receive notifications 24 hours a day, 7 days a week from any location via the World Wide Web.

Benefits of the BodyGuardian Remote Monitoring System

The BodyGuardian Remote Monitoring System provides a wealth of benefits to both patients and their health care professionals.

Benefits for patients include:

  • The ability to go about normal daily routines without having to be limited by regular visits to a hospital or doctor’s office.
  • They can receive immediate updates regarding their health and well-being via the BodyGuardian Connect smartphone. If doctors notice that there are changes in certain threshold amounts that have been set to ensure a healthy heart, they can modify the patient’s thresholds or medications to meet the patient’s needs.

The benefits for health care professionals include:

  • The ability to provide real-time care for their patients at any time from any place. This allows health care professionals to provide their patients with the best care possible.

The BodyGuardian Remote Monitoring System also helps to control the cost of health care, which is beneficial for both patients and health care providers.

The development of this type of remote health care has opened up a world of opportunity for further and similar advances for other areas of health care. It’s exciting to think what the future holds.