The 20 is pleased to announce that it has taken all necessary steps to prove its good faith effort to achieve compliance with the Health Insurance Portability and Accountability Act (HIPAA). Through the use of Compliancy Group’s proprietary HIPAA solution, The GuardTM The 20 can track their compliance program and has earned their Seal of ComplianceTM. The Seal of Compliance is issued to organizations that have implemented an effective HIPAA compliance program through the use of The Guard.

HIPAA is made up of a set of regulatory standards governing the security, privacy, and integrity of sensitive healthcare data called protected health information (PHI). PHI is any individually identifiable healthcare-related information. If vendors who service healthcare clients come into contact with PHI in any way, those vendors must be HIPAA compliant.

The 20 has completed Compliancy Group’s Implementation Program, adhering to the necessary regulatory standards outlined in the HIPAA Privacy Rule, Security Rule, Breach Notification Rule, Omnibus Rule, and HITECH. Compliancy Group has verified The 20’s good faith effort to achieve HIPAA compliance through The Guard.

“We are all very excited to have completed the thorough process of becoming HIPAA compliant,” said Tim Conkle, CEO of The 20, “Our partnership with Compliancy Group will greatly benefit our MSP members and end clients. We will ensure that both their business and IT practices are adhering to HIPAA regulations and standards.”

Clients and patients are becoming more aware of HIPAA compliance requirements and how the regulation protects their personal information. Forward-thinking providers like The 20 choose the Seal of Compliance to differentiate their services.

About The 20:
The 20 is an exclusive business development group for Managed Service Providers (MSP) aimed at dominating and revolutionizing the IT industry with its standardized all-in-one approach. The 20’s robust RMM, PSA, and documentation platform ensures superior service for its MSPs’ clients utilizing their completely US-based Help Desk and Network Operations Center. Extending beyond world-class tools and processes, The 20 touts a proven sales model, a community of industry-leaders, and ultimate scalability. For more information, visit https://www.the20.com.
Follow The 20: TwitterLinkedIn and Facebook

About Compliancy Group:
HIPAA should be simple. That’s why Compliancy Group is the only HIPAA software with expert Compliance CoachesTM holding your hand to simplify compliance. Built by auditors, Compliancy Group gives you confidence in your compliance plan to reduce risk, increase patient loyalty, and profitability of your organization. Visit https://www.compliancy-group.com or call 855.854.4722 to learn how simple compliance can be.

Verify our Seal of Compliance!

Dan Astin of Ciardi, Ciardi & Astin.

by Dan Astin

 

1) Change in Control

One of the most important legal tips every MSP should know involves “Change in Control.” In the event of an acquisition or other change in control of the client/customer, the MCA and ancillary SOW’s remain in full force and effect. “Change in Control” means any sale, exchange, transfer, conveyance or termination of any equity or ownership interests in the client/customer, or any corporate, limited liability company or partnership reorganization, restructure, merger, acquisition, transfer of assets, consolidation or adjustment with respect to Client if the persons currently in control of the client/customer would no longer have such control after such event.

2) BAA Requirements

HIPAA requires a covered entity to enter into “business associate contracts” with business associates to safeguard protected health information and to restrict its uses and disclosures to those permitted by the contract or required by law.  Business associates are also required to enter into business associate contracts with their subcontractors.  Business associates are persons or entities that perform, or assist in the performance of, any activity involving use or disclosure of individually identifiable health information. 45 CFR §160.103. This includes, e.g., claims processing, data analysis or processing, quality assurance, billing, practice management, and accounting and legal services.

3) Cybersecurity Insurance

According to the Ponemon Institute’s “2018 Cost of Data Breach Study,” the average cost of a stolen or lost record is $148, while the overall cost of a data breach is nearly $4 million. In addition, the likelihood of getting hit with another breach within two years after the initial one is 27 percent.

As noted by FICO, businesses typically shun cybersecurity insurance for three primary reasons:

A) The organization isn’t investing in cybersecurity overall, despite an increase in threat levels.
B) Leadership believes the organization will never be the victim of a cyberattack because it is too small to be targeted, or they believe security systems will protect it.
C) Leadership doesn’t understand how cyber insurance policy premiums are estimated or what exactly is covered.

Generally, cyber policies include coverage for costs incurred for remediation in response to a data breach, liability for claims arising from the data loss or breach, fines or penalties imposed by law or regulation, and additional payment card industry fines and penalties.

 

Dan Astin is a Managing Partner for Ciardi Ciardi & Astin law firm and regularly represents and provides legal and business consultations to commercial creditors, litigants, contract parties, corporate debtors, importers/ exporters, MSP’s, small business owners, and trustees, in matters of commercial business practices, litigation, customs and international trade, bankruptcy liquidations, administrative law, foreign corrupt practices act FCPA, contract negotiations, business restructuring, IT, select domestic and international trade. Dan’s legal experience includes prior service in the U.S. Navy’s Judge Advocate General’s Corps, as counsel to the Commanding Officer of USS Constellation (CV64); concious objector hearing officer in the first Gulf conflict; prosecutor and defense attorney United States Navy; trial attorney with the United States Department of Justice, Office of the United States Trustee; Associate Council customs and international trade.