Meeting HIPAA in Austin TX Compliance with a Managed IT Plan, Part 2: Device Documentation

Meeting HIPAA Compliance with a Managed IT Plan Pt 2: Device Documentation Tips From Your Austin TX Managed IT Experts

A lot of steps go into ensuring HIPAA compliance. One of those is storing the serial numbers of all managed devices and making sure to record everyone who gets on the network. HIPAA, and all of it’s protocols and safeguards, are there to make sure that personal health information stays private, and does not fall into the wrong hands. A large part of that is making sure you correctly document everything that goes into your HIPAA compliance. While you must deal with some of these documentations internally, a managed IT provider can help with most of it. There is quite a number of needed steps to make sure you properly make an inventory.

Documenting Serial Numbers & Other Info

One of these is storing all of the serial numbers and information on devices that will be coming into contact with personal health information. That information includes the make and model of those devices, and the physical location of them. It might sound like a simple request, but it is more than just simply documenting the few work computers you use. Many companies are now using mobile phones to access patient data. If that is the case with your company, you will need to record these mobile devices as well.

Furthermore, even if you just use a device to hand-off data, you will still need to record that device if it could be an access point. According to one recent study, up to 18% of healthcare professionals now access PHI on mobile phones. This list also includes servers, as they are definitely a potential weak point that you and your IT providers need to monitor.

Documenting Where PHI Is Located

Part of recording devices is also recording where the PHI is located, and where it will be. There will need to be a PHI location map, as well as plans in place on how you would deal with a breach, and potential vulnerabilities. These are less strict, but must meet the requirement of reasonable amount of preventative care. You will need to record software as well as a business associate agreement if you work with a managed IT company. This agreement will itemize exactly what permissions your IT managers have as well as their ability to make sure data is being backed up and encrypted, plans to minimize contact with personal data, and plans to destroy any personal data needed to configure problems.

Documenting Business Practices

You will also need to document much of your business practices, including your training plans, and how you properly teach new employees how to handle PHI. Documents should also include what steps you have taken to limit 3rd parties like software companies access to your data, and the specific ways you have minimized exposure. Also needed is a list of any possible vulnerabilities and how you may deal with them, and upgrades to the system you want to make in the future. Finally, you should address any upgrades that you have been needing to make. This should help you fill out any and all future milestones and goals you want to go over in the future.

HIPAA in San Marcos TX

If you are looking for a Managed IT company in Austin TX or San Marcos area, or just a reliable and professional help for all those tech details in the daily basis at your business, TekRescue can be the partner you were looking for. As one of the leading San Marcos TX Managed IT Company, we can assure you that you’ll find a team of experts ready to offer the most efficient solutions to all your tech issues.

hipaa, managed it
Previous Post
Meeting HIPAA Compliance with a Managed IT Plan Pt 1: Monitoring Antivirus Status
Next Post
Meeting HIPAA Compliance with a Managed IT Plan Pt 3: Network Monitoring

Related Posts

IT Tech working updating a laptop for a business employee

The Challenges and Opportunities of Business Technology

business man holding a page with ROI graphics

Is In-House IT Enough? How To Measure ROI and Productivity For Your Business IT

In House IT Tech helping an employee with tech issues

In-house IT vs IT Outsourcing: How We Can Help You Find the Best Solution for Your Needs