Regulatory and Best Practices to Ensure Compliance and Safeguard Digital Infrastructure and Information.
CAIPHI Comply® gives your organization affordable, self-assessment tools to provide evidence of compliance with HIPAA Privacy and Security Rules, HITECH Act Breach Notification Rule, and emergent NIST Cybersecurity Framework and Controls Guidance. These tools include:
- NIST-based Risk Analysis Template
- Comprehensive set of safeguard policies and procedures that your organization can tailor to its business environment
- Safeguard training protocols to be administered by your Privacy and Security Officials to your organization’s workforce.
CAIPHI Comply® is available directly from CAIPHI.com. Click on the envelope icon in the right-hand corner to send CAIPHI a message with your contact information. CAIPHI will respond to you within 1 business day, and let you know how we embed your facility name in each PDF. We also will send information about the forthcoming CAIPHI Comply® cloud-based version, which all purchasers of the PDF version will receive as part of their membership upon release in 2019 quarter II.
CAIPHI Comply® Product Details
- When your annual security risk assessment (SRA) indicates your health care policies and procedures are outdated or ineffective, look to CAIPHI Comply® for comprehensive, affordable, updatable tools designed for self-assessment. Stay abreast of Notification, and Business Associate Agreement Rules, and HIPAA requirements of the CMS Emergency Preparedness Rule.
- Key features of CAIPHI Comply®
- A NIST-based security risk analysis (SRA).
- Safeguard policies and procedures tailored to findings in your SRA.
- Safeguard training curriculum for the customer’s workforce members.
- CAIPHI Comply® is a customized monthly membership product billed annually for each facility in an enterprise that is presently available as a downloadable suite of PDF compliance solutions that will be available in 2019 Quarter II as a cloud-based solution.
- A covered entity’s is the defining entity with respect to compliance enforcement. The name of covered entity and it’s designated facility is embedded throughout the customized version of the compliance tool set. is embedded throughout its customized version of the compliance tool set.
- With its monthly membership program billed annually, CAIPHI provides timely regulatory updates and guidance to ensure ongoing compliance for the customer and its channel partners earn an annual recurring revenue stream.
Noncompliance – Failure to:
- Conduct NIST-based risk analysis
- Implement and document Security Management Plan, with Administrative, Physical, and Technical safeguard policies and procedures
- Train and document workforce members “awareness and understanding” of safeguard policies and procedures
- Increased likelihood of privacy breach or security incident
- Patient safety and ePHI at risk
- Significant federal penalties imposed
- Impaired cyber-insurability
- Negative business reputation
- Subject to class action and individual litigation
CyPHIcomply is a comprehensive, affordable, updatable set of tools designed for self-assessment and targeted to healthcare providers for achieving compliance with HIPAA Privacy and Security, HITECH Act Breach Notification, Business Associate Agreement, and Business Associate Agreement.
CyPHIcomply is a customized monthly membership product that bills annually in advance for each facility in an enterprise
- A facility is the defining entity with respect to compliance enforcement and its name is embedded throughout its customized version of the compliance tool set.
- As part of the membership program, CAIPHI provides regulatory updates and guidance to ensure ongoing compliance for the client.
- Beginning in 2019 Q2, clients will have username/password access to a SaaS version of the compliance tool set maintained on AWS.
Comprehensive cybersecurity and HIPAA safeguard compliance tool set designed for self-assessment that includes checklists and guidance for:
- HIPAA Privacy and Security and HITECH Act Breach Notification Rules, with written policies and procedures, implementation guidance, and links to
- NIST SP-800-53-5 Security and Privacy Controls
- NIST Cybersecurity Framework Protocols
- OCR Audit Protocols
- Risk Analysis Template
- 40 Authorization and Maintenance Forms
- Safeguard Training Curriculum, Test, and Answer Key
CyPHIcomply not only provides the regulatory and best practices requirements for demonstrating compliance, but also the framework for design, development, and deployment of future software by:
- Mitigating internal and external risks to patient safety
- Creating a trusted environment for healthcare stakeholders
- Minimizing financial and reputational liabilities to noncompliance
- Enabling cybersecurity insurance coverage
- Generating linked data leading to quantifiable intelligence across cybersecurity continuum.