SOURCE: RapidFire Tools

RapidFire Tools

February 15, 2016 09:00 ET

New Federal Audits for HIPAA Violations Open Compliance Support Opportunities for MSPs

As the OCR Targets 1,200 Healthcare Companies to Start Its New Audit Program, MSPs Can Leverage RapidFire Tools' HIPAA Compliance Module to Help Clients Prepare

ATLANTA, GA--(Marketwired - Feb 15, 2016) - RapidFire Tools Inc., the world leader in non-invasive IT assessment tools, announced that its managed service provider (MSP) customer base can increase business by offering HIPAA Risk Assessments to customers in the healthcare industry, helping companies avoid HIPAA audit failures resulting from forthcoming audit surveys and site visits, as announced by the Office for Civil Rights (OCR). RapidFire Tools' flagship solution for the healthcare marketplace, the Network Detective HIPAA Compliance module, automates the complicated and laborious HIPAA risk assessment process, which can serve as a critical basis for an ongoing HIPAA compliance program.

The OCR is the regulatory enforcement agency that oversees the Health Insurance Portability and Accountability Act (HIPAA) Privacy, Security, and Data Breach Rules, which protect patients' fundamental rights regarding nondiscrimination and privacy. At this past fall's HIPAA Security Conference in Washington, D.C., the office announced it will distribute letters to 1,200 "covered entities" in the healthcare industry, surveying them on the accuracy and compliance of their patient data. These companies will have 10 - 14 days to comply with the requests in the letters. According to the HIPAA Journal, "any covered entity receiving a survey may have a 50% chance or higher of being audited." These letters are being readied for distribution to start what will be a permanent audit program. The new program will include both "desk audits" requiring the submission of documents, and site visits where auditors will inspect and observe the organization. For the first time, if a HIPAA Covered Entity is audited, its business associate vendors will also be included. If the business associate fails, then the covered entity also fails.

HIPAA penalties can reach into the millions of dollars, and smaller medical organizations are not exempt. For instance, according to OCR Director Jocelyn Samuels at the HIPAA Security Conference, a small cancer practice whose employee had an unsecured notebook computer and backup media stolen from a car resulted in a $750,000 settlement. HIPAA compliance assessments provide evidence that a healthcare company has conducted ongoing reviews of its network, which can quickly reveal when an employee has not logged into their device as expected, indicating a stolen or lost device and allowing that company to take corrective action. Such documentation of the company's security policies is invaluable during a HIPAA audit in order to alleviate fines. A security risk assessment is the foundational document required by the HIPAA Security Rule. It identifies threats and vulnerabilities that can put electronic Protected Health Information (ePHI) at risk of loss or unauthorized access. The Network Detective HIPAA Compliance module creates the mandatory reports that identify risks and provide a guide to addressing them.

"HIPAA compliance requires specific, concrete evidence that companies have taken steps to confirm their data is secure, including detailed HIPAA Risk Assessment Reports. Any technician in the industry will agree it's impossible for a company to institute a viable compliance program within the 10- to 14-day period the OCR letters allow. Companies must prepare a strategy now," said Michael Mittel, CEO of RapidFire Tools. "This opens a compelling window of opportunity for managed service providers to offer HIPAA compliance assessments to their healthcare clients. The Network Detective HIPAA Compliance module streamlines the exhaustive and time-consuming HIPAA Risk Assessment process. Armed with this network assessment tool, and knowledge of the forthcoming audit surveys, MSPs can gain business and help their customers protect against potentially debilitating penalties."

The Network Detective product line is available for purchase via subscription online at the company's website:

About Network Detective
Network Detective is the number one non-invasive IT assessment tool, used by thousands of service providers around the world. Unlike other solutions, Network Detective includes a series of IT assessment and compliance modules that acquire a vast amount of network data -- including assets, users, configurations, and vulnerabilities -- all without installing any software, probes, or agents. Once the scans are complete, the service provider can run the encrypted file through the Network Detective proprietary data analyzer and then select from dozens of powerful reports to generate.

About RapidFire Tools
RapidFire Tools Inc. was founded in June of 2010 by IT entrepreneur Michael Mittel. The company's mission is to develop and sell innovative and powerful, award-winning IT solutions with clear value propositions that help service providers, resellers, and MSPs uncover new business, expand their practice areas, and run their operations more successfully; and also to support the reporting needs of IT pros working within end-user organizations.

Contact Information

  • Contact:
    Bob Vogel
    RapidFire Tools Inc.