CynergisTek Announces SURVEYOR™ Offering For Business Associates Of Healthcare Organizations

CynergisTek Extends Information Security Services with New Solution Tailored to Meet Needs of Healthcare Business Associates Covered by New HITECH Act Rules

CynergisTek™, a leading provider of information security solutions for healthcare organizations, announced recently the availability of SURVEYOR™, an offering customized to support business associates, companies that provide services to hospitals, clinics and insurers who have access to protected health information (PHI), with the information security risk assessment and risk management services required under the latest federal guidance.

The solution is being offered in accordance with the Notice of Proposed Rule-Making (NPRM) that was formally released on July 14, 2010 to modify the Health Insurance Portability and Accountability Act (HIPAA) Privacy, Security and Enforcement Rules under the Health Information Technology for Economic and Clinical Health (HITECH) Act. The NPRM states that business associates have the same liabilities under HIPAA as covered entities in an effort by the Office of Civil Rights (OCR) to ensure patient privacy protections.

Under the NPRM, business associates must support their healthcare clients by ensuring that information security policies, practices and compliance strategies align with HIPAA/HITECH and state laws. To do so, business associates must have a documented risk assessment report to share with healthcare clients to demonstrate their compliance with these more stringent requirements. CynergisTek SURVEYOR provides a customizable and scalable framework for risk assessment. It is designed to define the current state of a business associate's direct compliance with all of the safeguards and documentation requirements of the HIPAA Security Rule and detail a measurable remediation plan if gaps are identified. Most importantly, a client-ready report developed specifically for dissemination will be prepared for the business associate to share with its covered entity partners.

"As I dialogue with my industry peers, we have shared in the struggle to effectively identify and reduce the risk to our enterprises that result from our business associate relationships," stated Joyce Miller-Evans, Chief Information Officer of Ohio Presbyterian Retirement Services.

"OCR's newly-proposed rules create more rigorous responsibilities and accountabilities within the covered entity-business associate relationship. CynergisTek's risk assessment services have been a cornerstone of our HIPAA/HITECH compliance efforts so expanding their offerings to the business associate community, given OCR's guidance, can only contribute positively to align the risk and compliance management goals within the covered entity-business associate relationship."

"Now that the final NPRM has been issued, we know that many of the organizations that partner with healthcare providers and provide services to them will now be directly subject to the HIPAA Privacy and Security Rules," said Mac McMillan, CEO of CynergisTek. "While these rules are meant to ensure that any organization that handles PHI is taking the appropriate measures to secure that sensitive information, they also represent a whole new set of regulatory requirements for these organizations to meet. With SURVEYOR, business associates will have the ability to assess their risk and protect PHI, communicate their efforts to their clients, all while demonstrating compliance with the new mandates."

CynergisTek's solutions and services are specifically designed to help healthcare organizations improve their security posture, facilitate compliance, improve operational efficiency and foster trust. CynergisTek service offerings and methods include:

• Risk management and evaluation
• IT security strategy
• Technical security
• Regulatory/compliance audit
• Managed security services

About Ohio Presbyterian Retirement Services
Ohio Presbyterian Retirement Services (OPRS) is the largest and most experienced not-for-profit provider of continuing care retirement communities and services in Ohio. A faith-based organization with headquarters in Columbus, OPRS serves more than 80,000 people in 42 Ohio counties annually through its 11 retirement communities and its Senior Independence home and community based services division. Additionally, through iPartner affiliates and icaregiver.org Web site, Senior Independence extends services to older adults throughout the nation.

About CynergisTek
CynergisTek is a leading provider of information security management, regulatory compliance, IT audit and advisory services, business continuity management, security technology selection and implementation, and secure IT infrastructure architecture and design solutions. The firm offers practical, manageable and affordable consulting services for organizations of all sizes and complexity. Using an organized, planned and collaborative approach, CynergisTek applies multidisciplinary expertise to serve as partner and mentor, to enhance the consulting experience and, ultimately, clients' compliance and business performance. CynergisTek participates in and contributes to HIMSS, AHIMA, HFMA, HCCA, AHIA and other industry bellwether organizations. For more information, visit: www.cynergistek.com.

SOURCE: CynergisTek