Privacy Compliance
Privacy Assessment
Periodic privacy assessments are a vital tool for establishing and maintaining privacy compliance. A privacy assessment should be part of your system lifecycle development plan (SLDC) triggered when new personal or protected health information is implicated.
A privacy assessment provides information about how well policies are understood and followed and identifies areas where policy should be updated to reflect changes in law, regulation, best practices, or organizational business objectives. Periodic assessments demonstrate a strong committment to a privacy culture and are excellent evidence of your organization's good faith compliance efforts.
Tunitas Group audits privacy from three perspectives:
Risks--what are your exposures and what can be done to minimize the effects
Readiness--what privacy controls are in place and how effective are they in preventing or detecting privacy breaches
Compliance--how well have you meet your privacy obligations and is your documentation sufficient.
Consult with Tunitas Group to audit your current privacy compliance program to identify strengths and weaknesses and prevent errors before they occur
Outsourced Privacy Officer
For those clients who do not currently employ a privacy officer, Tunitas Group provides an independent, competent, and experienced privacy professional to act in this role for your organization.
Our Outsourced Privacy Officer services include
- Compliance reviews
- Policy & Procedure Updates
- Incident Investigation
- Breach Notification
- Day to Day Privacy Support
- Key Management Reports
Tunitas Group Outsourced Privacy Officers are:
- Certified Information Privacy Professionals
- Experienced with federal and state privacy laws and regulations
- Have first hand experience as HIPAA privacy officers
Consult with Tunitas Group for experienced, professional privacy officer services.
Breach Management
The privacy breach management regulations in the HITECH Act create significant new compliance risks for healthcare organizations and business associates.
Tunitas Group offers both Breach Pre-Planning and Recovery Services.
Policy and Procedures
A comprehensive privacy policy that is communicated and enforced throughout your organization is critical for demonstrating a commitment to privacy. Employees, contractors, medical staff, and business associates need clear, concise guidlance in order to appropriately use and disclose the confidential information they need to perform their job functions.
Much too often the privacy policies are merely restatements of the legal or regulatory requirements. Tunitas Group provides action oriented policies and procedures that focus employees on what needs to be done and how to accomplish it.
Our expertise with healthcare privacy laws and regulations combined with our expert writing skills, allows us to review and streamline your existing policies and procedures.
Tunitas Group regularly reviews and edits patient consent and authorization forms, privacy notices, patient request forms, employee handbooks, and other documentation to ensure our clients are meeting their privacy obligations.
Consult with Tunitas Group to assess your privacy practices, identify gaps in policy or procedure, identify employee misunderstanding, and ensure appropriate enforcement of your privacy policies.
Privacy for Data Outsourcing
Healthcare organizations and business associates that utilize outsource arrangements to collect, analyze, process, or store personal or protected health information have ongoing responsibilities to protect the privacy that that data.
Tunitas Group Outsourced Data Privacy services can help you maintain control of your data privacy.
- Due Diligence
- Risk Assessment
- Contract Review
- Ongoing Audits
Consult with Tunitas Group to ensure your privacy policies and practices governing outsourced data are adequate to protect your organization.