Healthcare Technology Consultants
Established in 2011, EHR Resources LLC is a Healthcare Technology Consulting Group, providing a wide range of professional services related to healthcare technology, HIPAA Compliance, Security Awareness Education Training, meeting regulatory requirements, and policy development to clinics, hospitals, physicians, specialists and business associates.
As a trusted adviser within the healthcare industry for more than 10 years, we work directly with provider practices, speciality clinics, hospitals, and business associates to identify their level of HIPAA compliance. EHR Resources offers a wide range of services, from developing and implementing compliance program policies and procedures to conducting HIPAA Security Risk Analysis and documentation audits to completing operational assessments designed to identify high risk areas.
Our Security Risk Analysis is conducted in accordance with the HIPAA Security Rule 45 CFR 164.308(a)(1) and 45 CFR 164.308(a)(8), in alignment with the NIST Special Publication 800-30 Revision 1, Guide for Conducting Risk Assessments, and in compliance with the Administrative (45 C.F.R. § 164.304), Physical (45 CFR § 164.310), and Technical safeguards (45 CFR § 164.312).
We are focused on the unique requirements of healthcare environments in adopting, implementing, and improving technology, staying compliant with State and Federal regulatory requirements in compliance with HIPAA, HITECH, and the Omnibus Rule, while keeping patient health information (PHI) safe and secure.
Our methodology is a client-focused strategy, to ensure that we have and continue to provide greater value and professional knowledge. Our success is based on our ability to help clients consistently meet their objectives in a timely and cost-effective basis.
Below is a brief list of our services. You can always complete the contact form below if you have any questions.
Our Security Risk Analysis provides a structured qualitative assessment of the operational environment and addresses sensitivity of data, threats, vulnerabilities, type of risks, and current safeguards. It meets the requirements under the Health Insurance Portability & Accountability (HIPAA) Security Rule 45 CFR § 164.308(a)(1)(ii)(A); "to conduct an analysis of the potential risks and vulnerabilities to the confidentiality, integrity, and availability of e-PHI".
HIPAA requires covered entities to train all workforce members on its policies and procedures, as necessary to carry out their job functions. EHR Resources can provide HIPAA training to all staff ranging from web-based, online training to on-site in-person training.
Businesses Associates are directly liable under the HIPAA Rules for the protection and safeguard of sensitive data and PHI. EHR Resources can help reach HIPAA compliance by conducting a HIPAA Security Risk Analysis, evaluating the level of overall compliance, and provide an accurate and thorough assessment of the potential risks and vulnerabilities to the confidentiality, integrity, and availability of electronic protected health information held by the business associate
EHR Resources can review, revise, modify and document existing information security policies and procedures, draft additional policies and procedures as necessary to enhance and organize our clients current written policies and procedures.
The Security Rule requires entities to evaluate risks and vulnerabilities in their environments and to implement reasonable and appropriate security measures to protect against reasonably anticipated threats or hazards to the security or integrity of e-PHI. Conducting a HIPAA Security Risk Analysis is the first step in that process.
EHR Resources is experienced in assisting Business Associates to become HIPAA Compliant, ensure written agreements are in place with each Covered Entity, and assist in developing a Risk Management program for your organization.
EHR Resources can provide advise, direction and guidance in helping you navigate the path to HIPAA Compliance.