The Health Insurance Portability and Accountability Act (HIPAA) is a complex series of rules and regulations that healthcare companies and the providers that serve them need to abide by.
While challenging, HIPAA is a great opportunity for MSPs to build their business and deepen relationships with clients by becoming trusted advisors.
And just last month, things got a little trickier when the September 2013 Omnibus Ruling, the final Omnibus rule, went into effect. With these rules the entire electronic medical records “chain of custody” has greater responsibilities.
These same responsibilities are in force whether the data is stored on-premises or at a remote backup provider’s site or in the cloud.
Online backup provider Intronis (News - Alert) that largely targets MSPs hopes to help. “If you’re an IT managed services provider (MSP) or value-added reseller (VAR) serving the healthcare vertical, you know you need to abide by HIPAA, but understanding its rules and requirements can be a challenge. Intronis has committed to HIPAA compliance, and we have developed a library of data backup resources to help our partners better understand the regulation, take steps to comply, and even leverage the opportunity for business success,” the company said.
Not all healthcare organizations, especially smaller ones, understand HIPAA. For instance, that storage must not just be secure, but HIPAA-compliant. Here is where an MSP can act not just as a consultant, but a trusted advisor and problem solver.
For instance, some doctors use public e-mail services such as Hotmail or Gmail. And DropBox is not a compliant way to store sensitive medical information. An MSP could counsel these docs away from these misdeeds.
A recent Intronis blog offers some advice. “MSPs and healthcare organizations need to work together to instill a long-term understanding of what it means to practice safe data usage in order to avoid fines and loss of industry standing,” the blog said.
Ulistic, an MSP consultancy, is advising healthcare outfits to make sure their MSPs do HIPPAA right, that that MSPs hoping to serve this market make themselves compliant. “Is your managed services business adhering to the standards for HIPAA compliance?” Ulistic asks, and answers, “If not, you need to be.”
Want to Learn More?
These are all big issues. Fortunately help is available. One such assistance is an Intronis webinar, “HIPAA. It Doesn’t Have To Be Scary,” on Oct. 31, 2013 (yup, on Halloween) at 2 p.m. ET. You can register here.
Aimed at MSPs, the webinar will teach:
“How the HIPAA Omnibus rule will affect your MSP business
Three steps you can take today to ensure compliance
How to find the backup vendor who is serious about protecting you and your clients’ data
Selling the value of being HIPAA compliant to new and existing clients”
The Intronis MSP Angle
Intronis designs its cloud storage wares with MSPs in mind. That’s why its management console includes billing, scheduling, and account setup.
That’s also why Intronis is so liberal with its branding, allowing MSPs to fully brand the service and the portal that supports it as their own. “We recast our cloud backup software with your logo and your brand, so your clients won't know that you're using our platform. You can rebrand your website, software, and notifications at your convenience,” Intronis argues.
Edited by Alisen Downey