• The HIPAA Secure Now! service is designed to minimize the amount of work that you and your staff need to do. We find that the person(s) providing the information to us, so that we can perform the risk assessment, will need about 2.5 hours of time to complete the information. The time can be spread over a few days and does not have to be done all at once.
• Employees will need to take the HIPAA Security Training which is an online training class. Once they complete the class, they will take a short compliance quiz. Employee training and compliance testing takes about 1 hour. Training and testing can be started and stopped and spread over a couple of days.

In order to use the HIPAA Secure Now! service the following steps must be completed.

1. Create a userid and password to access the HIPAA Secure Compliance Portal
2. Login into the HIPAA Secure Compliance Portal
3. Complete the organizational profile.  The organizational profile helps us understand your environment so we can perform a thorough risk assessment.  Some of the information that you will fill out includes:
   • Amount of offices and locations
   • Server and network information including the amount of servers, desktops, laptops, tablets, etc
   • Details of your EMR / EHR
   • Details on systems that contain patient data
4. Complete the risk assessment questionnaire.
   • There are around 50 questions that need to be answered.
   • The questions are clearly explained and most require a Yes/No answer.
   • You may need input from some of your staff, IT staff, etc.
5. Upload any existing policies and procedures that you already have in place
   • Using the HIPAA Secure Compliance Portal, you can upload existing policies and procedures.  These may include:  termination procedures, data backup procedures, etc.
   • Uploading existing policies and procedures is completely optional and helps us with performing the risk assessment.
6. Once you have completed steps 1-5 we will perform the risk assessment for you.  If we need additional information we will contact you.  Upon completion of the risk assessment we will notify you that the risk assessment is complete.
7. You will be able to access the risk assessment reports as well as the 18 HIPAA Security policies and procedures by logging into the HIPAA Secure Compliance Portal.  The documents can be viewed or downloaded from the HIPAA Secure Compliance Portal.
8. The next step is to provide a link and access information for the HIPAA Secure Compliance Portal to all of your employees.  We provide you the information which you can forward or give to your employees.
9. Each of your employees will create userids and passwords to the HIPAA Secure Compliance Portal (just like you did in step one).  Employees will only be given a subset of the information that you (the administrator) has access to.
10. Employees will access the HIPAA Security Training and complete the compliance testing.

• No, the HIPAA Secure Now! service is designed so there is no need to come to your office(s). The HIPAA Secure Compliance Portal is encrypted and secure and will allow for us to work together to get the necessary information to create the policies and procedures, perform the risk assessment and provide training to your employees.

• One of the requirements for the HIPAA Security Rule is to select an individual to have the overall responsibility for ensuring that the Security Rule is implemented and enforced. The person in your organization that will have this role should be involved with the HIPAA Secure Now! process. This person along with others, if necessary, will provide the information in order for us to perform the risk assessment. They will also need to review the HIPAA Security Rule policies and procedures and ensure that they understand them and are prepared to implement them within the organization.
• Additionally all employees of the organization will need to take the HIPAA Security training and compliance testing.

• No, the HIPAA Secure Now! training and compliance testing utilizes an interactive online training platform. All employees will access the online training through the HIPAA Secure Compliance Portal.

1. Employees need to create a userid and password to access the HIPAA Secure Compliance Portal
2. Employees will log into the HIPAA Secure Compliance Portal and click on the HIPAA Security Training link
3. Employees will do the following 3 steps to complete the training:
   1. Take the online HIPAA Security Training class
   2. Take a brief HIPAA Security compliance test
   3. Print out their HIPAA Security training certificate upon successful completion of the HIPAA Security compliance test. Employees will need to achieve an 80% or better to pass the compliance test. If employees fail to achieve an 80% they can retake the test until they achieve an 80% score.

• The HIPAA Secure Now! service provides you with the following:
  1. HIPAA Security and Privacy Rule policies and procedures in Microsoft Word format.  These are completed policies and procedures.  They can be implemented as is or can be modified if required.  You can download them or access them on the HIPAA Secure Compliance Portal.
  2. A thorough security risk assessment of all the systems that create, modify or maintain electronic protected health information (ePHI or better known as patient information). The output of the risk assessment is a risk assessment report and work plan to help implement additional security.
  3. HIPAA Security and Privacy training and compliance testing for all employees of the organization.
  4. 12 months use of the HIPAA Security Compliance Portal that helps organizations manage their compliance with the HIPAA Security and Privacy Rules.

• There are no additional costs associated with the HIPAA Secure Now! service. For the price listed based on the size of your organization, you get the following:
  1. HIPAA Security and Privacy policies and procedures
  2. A thorough HIPAA Security risk assessment
  3. HIPAA Security and Privacy training for all employees

• Good question!  HIPAA Secure Now! helps organizations implement and comply with the HIPAA Security, Privacy and Omnibus Rules.  Simply put, we do most of the hard work for you.  Other services provide you with templates and tools to help implement the HIPAA Regulations.  These tools require that you do a lot of the work.  The HIPAA Secure Now! service does the hard work for you.  In addition, if you were to purchase each of the items that are included in the HIPAA Secure Now! service, you could spend much more than the price of HIPAA Secure Now!  Finally, HIPAA Secure Now! was developed by experts knowledgeable with the HIPAA Security and Privacy Rules, computer and network security, and security training. The combination of these skills is apparent in the level of detail and knowledge that the service provides.

• The HIPAA Secure Now! service does not guarantee that you are compliant with the HIPAA Security Rule.  The service provides education and tools to help you implement the HIPAA Security Rule.  The HIPAA Security policies and procedures are a foundation for implementing the Security Rule.  It is the organization’s responsibility to ensure that all employees comply with the policies and procedures.  In addition, the HIPAA Security risk assessment identifies areas that the organization needs to concentrate on to further protect electronic protected health information (ePHI or better known as patient information).  It is the organization’s responsibility to use the risk assessment and implement the recommendations to further protect ePHI.
• It should also be noted that HIPAA Secure Now! is not legal advice.  You should consult with legal counsel to ensure a full legal interpretation of the law.

• Within 48 hours of checkout, an email will be sent to the the email address provided that details the next steps.  The email will contain the registration ID that the administrator will use to create an ID and password to access the HIPAA Secure Compliance Portal.    From there the steps detailed in the “What do I need to do?” question above will be taken.