AUSTIN, TX – OnRamp, an industry-leading data center services provider, specializing in high security hosting solutions for healthcare IT related verticals, has recently announced its founder, Chad Kissinger, will speak at the Austin Chapter of the Healthcare Information and Management Systems Society (HIMSS) meeting on Tuesday, May 13, 2014 at the Thompson Conference Center on The University of Texas at Austin campus. Kissinger’s presentation, entitled “Outsourcing IT in a HITECH Landscape,” will focus on the evolving legal climate surrounding the privacy and security of Electronic Protected Health Information (ePHI). Speaking from the perspective of a business associate that provides HIPAA Compliant Hosting services, Kissinger will emphasize the need for developing partnerships with IT providers that understand the laws outlined by HIPAA and HITECH and are doing everything from the standpoint of their business to maintain compliance.
HIPAA and HITECH mandate that any company working with ePHI must ensure that all of the required physical, network and process security measures are in place to meet the compliance requirements set forth by law. An update to HIPAA regulations, known as the Omnibus Rule, was adopted in early 2013. The Omnibus Rule includes some major changes, including increased direct liability for business associates and their subcontractors as well as a tiered penalty structure for non-compliance. With the threat of legal and financial repercussions for noncompliance, ensuring the privacy and security of healthcare data is paramount.
“HIPAA responsibilities have a trickle-down effect, impacting direct vendors, subcontractors, and Business Associates of third-party vendors that come in contact with e-PHI at any point,” stated Kissinger. “In fact, the Omnibus Rule explicitly states that third-party data storage providers are considered Business Associates of Covered Entities – whether they ever actually view the data they store or not. For HIPAA covered entities who are now responsible for the actions of their business associate sub-contractors, with or without a signed Business Associate Agreement (BAA), evaluating their partnerships for managing critical patient data is a must.”
Kissinger previously spoke at an Austin HIMSS Chapter meeting in April of 2013, where he educated the group on the changes provided in the HIPAA Omnibus Final Rule which as a result required compliance from Covered Entities and Business Associates the following September. Kissinger’s presentation next week will identify the key concerns for working with IT providers, the key components to forming a BAA and the key topics in negotiating the responsibilities of covered entities and their sub-contractors in collectively maintaining the confidentiality, availability and integrity of EPHI under HIPAA and HITECH.
For more information on this event, visit the Austin HIMSS website: http://austin.himsschapter.org/