- Our Work
- Security Engineering
- Contingency Planning Services
- Lunarline Privacy Services
- Security Compliance
- Service Coverage
- Certificate of Networthiness
- Cloud Security
- Cyber Security Training and Certifications
- IT Security Governance & Cyber Security Strategy
- Incident Response
- Mobile Device Security
- Penetration Testing
- Physical Security
- Risk / Vulnerability Assessments
- Risk Assessments
- Risk Management Framework / Certification & Accreditation (C&A)
- Secure Network Design and Implementation
- Secure System / Software Quality Assurance
- Security Auditing
- Contact Us
ARRA HITECH Stimulus, Attaining Meaningful Use and HIPAA Security Rule Compliance
In February of 2009, the American Reinvestment and Recovery Act (ARRA) allocated $19 billion in funding for hospitals and clinics that make “meaningful use” of CCHIT certified Electronic Medical Record (EMR) systems. In December of 2009, HHS published a 23 element definition of “meaningful use”. These elements included 22 transactional items such as Computerized Physician Order Entry (CPOE). The 23rd element concerned security of all of the transactional items, and required firms seeking the Stimulus funds to “Conduct or review a security risk analysis in accordance with the requirements under 45 CFR 164.308(a) (1) (HIPAA Security Rule) and implement security updates as necessary.” Funds under the ARRA can begin flowing as early as October 1, 2010 for hospitals that meet the “meaningful use” standard. A typical 300 bed hospital can expect as much as $6 million if they qualify in 2010 or 2011. Hospitals qualifying later than 2015 will receive none of these funds. There are approximately 6500 members in the American Hospital Association.
ARRA HITECH AND ACR2 HIPAA Security Rule Reporter
The healthcare industry is in a time of great transition, with a government mandate for EHR/EMR systems, increasing security regulations, and greater compliance scrutiny and punitive actions. While EHR systems will ultimately lead to more efficient and effective patient care, they also increase the criminal appeal of attack and an institution’s vulnerability to large-scale ePHI breach. Moreover, increased reliance on IT and EHR systems for mission-critical operations means that any attack or infiltration has the potential to be catastrophic. Compliance with security regulations will guide providers of all types to mitigate their risk, but maximizing protection of these complex operations requires a broader strategy. Lunarline and ACR2 HSCR provide unique and cost-effective solutions that ensure compliance, maximize protection, and enable your strategic business and IT initiatives to grow securely.
- We read the regulations, so you don't have to!
- Compliance limits liability
- Annual subscription based program
- Protects your data
- Auditable reports
- Uses approved NIST methods
- Automates time consuming processes
- Automates extraction of syslog data
- Roadmap to full HIPAA compliance
- Continuously updated using Federal standards
- Software as a Service (SaaS)
- Secure Input (SSL)
- Encrypted Storage of input data
- Encrypted PDF Reports
- Supports SCAP vulnerability scan import
- Supports IPS/AV upload
Achieving HIPAA Security Rule Compliance
- Scan the computer network using an SCAP validated vulnerability scanner.
- Conduct a risk assessment using the NIST 800-30 protocol.
- Implement safeguards to protect against the risks identified during the risk assessment and SCAP vulnerability scan.
Our proposed solution brings to our customers the best value based upon our teams extraordinary expertise in IT technology security, HIPAA Security Rules compliance, NIST 800 series security requirements and a focus on ePHI security. We provide a team immersed in a culture of information assurance, risk management, risk mitigation and compliance to provide the highest quality of service to our clients, which include but are not limited to the office of the CIO for the Department of Health and Human Service and the VA administration who have the task to treat and protect the identity of our veterans.
For more information, please contact us at firstname.lastname@example.org or call us at (571) 481-9300.