HIPAA COMPLIANCE. for Small & Mid-Size Practices

Similar documents
HIPAA Compliance Guide

Hayden W. Shurgar HIPAA: Privacy, Security, Enforcement, HITECH, and HIPAA Omnibus Final Rule

HIPAA Background and History

ARE YOU HIP WITH HIPAA?

Regenstrief Center for Healthcare Engineering HIPAA Compliance Policy

HIPAA 2014: Recent Changes from HITECH and the Omnibus Rule. Association of Corporate Counsel Houston Chapter October 14, 2014.

Auditing for HIPAA Compliance: Evaluating security and privacy compliance in an organization that provides health insurance benefits to employees

North Shore LIJ Health System, Inc. Facility Name. CATEGORY: Effective Date: 8/15/13

HIPAA Privacy & Security. Transportation Providers 2017

UNDERSTANDING HIPAA & THE HITECH ACT. Heather Deixler, Esq. Associate, Morgan, Lewis & Bockius LLP

HIPAA Security. ible. isions. Requirements, and their implementation. reader has

1 Security 101 for Covered Entities

Effective Date: 08/2013

Determining Whether You Are a Business Associate

COUNTY SOCIAL SERVICES POLICIES AND PROCEDURES FOR COMPLIANCE WITH THE HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 HIPAA

HIPAA 102a. Presented by Jack Kolk President ACR 2 Solutions, Inc.

ChoiceNet/InterCare Health Plans Getting Your Arms Around HIPAA Compliance

HIPAA HEALTH INSURANCE PORTABILITY & ACCOUNTABILITY ACT

CROOK COUNTY POLICY AND PROCEDURES FOR COMPLIANCE WITH THE HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF

Effective Date: 4/3/17

HIPAA PRIVACY AND SECURITY AWARENESS

HIPAA: Impact on Corporate Compliance

HIPAA, 42 CFR PART 2, AND MEDICAID COMPLIANCE STANDARDS POLICIES AND PROCEDURES

Conduct of covered entity or business associate. Did not know and, by exercising reasonable diligence, would not have known of the violation

HTKT.book Page 1 Monday, July 13, :59 PM HIPAA Tool Kit 2017

HIPAA and Lawyers: Your stakes have just been raised

HILLSBOROUGH COUNTY HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT (HIPAA) PROCEDURES

UNIVERSITY OF TENNESSEE HEALTH SCIENCE CENTER INSTITUTIONAL REVIEW BOARD USE OF PROTECTED HEALTH INFORMATION WITHOUT SUBJECT AUTHORIZATION

HIPAA Redux 2013 Kim Cavitt, AuD Audiology Resources, Inc. Expert e-seminar 4/29/2013. HIPAA Redux Presented by: Kim Cavitt, AuD

Title: HP-53 Use and Disclosure of Protected Health Information for Purposes of Research. Department: Research

The Audits are coming!

HIPAA PRIVACY REQUIREMENTS. Dana L. Thrasher Constangy, Brooks & Smith, LLP (205)

DELHAIZE AMERICA PHARMACIES AND WELFARE BENEFIT PLAN HIPAA SECURITY POLICY (9/1/2016 VERSION)

The HIPAA Omnibus Rule and the Enhanced Civil Fine and Criminal Penalty Regime

Limited Data Set Data Use Agreement For Research

HIPAA Data Breach ITPC

2013 HIPAA Omnibus Regulations: New Rules for Healthcare Providers and Collections Partners

Preparing for a HIPAA Audit & Hot Topics in Health Care Reform

HIPAA in the Digital Age. Anisa Kelley and Rachel Procopio Maryan Rawls Law Group Fairfax, Virginia

March 1. HIPAA Privacy Policy

HIPAA & The Medical Practice

HIPAA AND ONLINE BACKUP WHAT YOU NEED TO KNOW ABOUT

It s as AWESOME as You Think It Is!

Saturday, April 28 Medical Ethics: HIPAA Privacy and Security Rules

HIPAA The Health Insurance Portability and Accountability Act of 1996

UAMS ADMINISTRATIVE GUIDE NUMBER: 2.1

COLUMBIA UNIVERSITY DATA CLASSIFICATION POLICY

What Brown County employees need to know about the Federal legislation entitled the Health Insurance Portability and Accountability Act of 1996.

University of California Group Health and Welfare Benefit Plans HIPAA Privacy Rule Policies and Procedures (Interim)

Privacy Policy Training

COMPLIANCE TRAINING 2015 C O M P L I A N C E P R O G R A M - F W A - H I P A A - C O D E O F C O N D U C T

HIPAA BUSINESS ASSOCIATE AGREEMENT BEST PRACTICES: A COMPLIANCE SOLUTION FOR THE TICKING CLOCK AND THE DRACONIAN CIVIL AND CRIMINAL PENALTIES

Texas Health and Safety Code, Chapter 181 Medical Records Privacy Law, HB 300

HIPAA Service Description

THE CITY AND COUNTY OF SAN FRANCISCO SECTION 125 CAFETERIA PLAN HIPAA PRIVACY POLICIES & PROCEDURES

Getting a Grip on HIPAA

HIPAA AND YOU 2017 G E R A L D E MELTZER, MD MSHA

LEGAL ISSUES IN HEALTH IT SECURITY

HIPAA Privacy Overview

Texas Tech University Health Sciences Center El Paso HIPAA Privacy Policies

Texas Tech University Health Sciences Center HIPAA Privacy Policies

HITECH and HIPAA: Highlights for Health Departments. Aimee Wall UNC School of Government

MEMORANDUM. Health Care Information Privacy The HIPAA Regulations What Has Changed and What You Need to Know

The Privacy Rule. Health insurance Portability & Accountability Act

Human Research Protection Program (HRPP) HIPAA and Research at Brown

HIPAA Basic Training for Health & Welfare Plan Administrators

March 1. HIPAA Privacy Policy. This document includes: HIPAA Privacy Policy Statement, HIPAA Manual and HIPAA Forms

The Impact of Final Omnibus HIPAA/HITECH Rules. Presented by Eileen Coyne Clark Niki McCoy September 19, 2013

Highlights of the Omnibus HIPAA/HITECH Final Rule

8/14/2013. HIPAA Privacy & Security 2013 Omnibus Final Rule update. Highlights from Final Rules January 25, 2013

True or False? HIPAA Update: Avoiding Penalties. Preliminaries. Kim C. Stanger IHCA (7/15)

HIPAA Overview Health Insurance Portability and Accountability Act. Premier Senior Marketing, Inc

New HIPAA-HITECH Proposed Regulations Issued

University of Mississippi Medical Center Data Use Agreement Protected Health Information

SUNY DOWNSTATE MEDICAL CENTER UNIVERSITY HOSPITAL OF BROOKLYN POLICY AND PROCEDURE

HIPAA COMPLIANCE ROADMAP AND CHECKLIST FOR BUSINESS ASSOCIATES

To: Our Clients and Friends January 25, 2013

HIPAA Training. HOPE Health Facility Administrators June 2013 Isaac Willett and Jason Schnabel

HIPAA Omnibus Rule. Critical Changes for Providers Presented by Susan A. Miller, JD. Hosted by

AFTER THE OMNIBUS RULE

This form cannot act as an authorization to assign commissions. Appointment Form Only. Steps to obtain an Appointment:

HIPAA. What s New & What Do I Have To Do? Presented by Leslie Canham, CDA, RDA, CSP (Certified Speaking Professional)

HIPAA: Final Omnibus Rule is Here Arizona Society for Healthcare Risk Managers November 15, 2013

HIPAA Privacy and Security for Employers in the Age of Common Data Breaches. April 30, 2015

What is HIPAA? (1 of 2)

UBMD Policy for HIPAA Compliant Subject Recruitment

HIPAA BUSINESS ASSOCIATE AGREEMENT BEST PRACTICES KURTIN PLLC COMPLIANCE SOLUTION: UPDATE January 3, I. Executive Summary.

2016 Business Associate Workforce Member HIPAA Training Handbook

HIPAA Compliance Under the Magnifying Glass

HIPAA Enforcement Under the HITECH Act; The Gloves Come Off

HIPAA THE NEW RULES. Highlights of the major changes under the Omnibus Rule

HIPAA Security How secure and compliant are you from this 5 letter word?

HIPAA Compliance. PART I: HHS Final Omnibus HIPAA Rules

HIPAA HEALTH INSURANCE PORTABILITY & ACCOUNTABILITY ACT

Interpreters Associates Inc. Division of Intérpretes Brasil

HIPAA Privacy Rule Policies and Procedures

UCLA Health System Data Use Agreement

HIPAA vs. GDPR vs. NYDFS - the New Compliance Frontier. March 22, 2018

The Security Risk Analysis Requirement for MIPS. August 8, 2017, 2:00 p.m. to 3:00 p.m. ET Peter Mercuri, Practice Transformation Specialist

HIPAA OMNIBUS RULE. The rule makes it easier for parents and others to give permission to share proof of a child s immunization with a school

Transcription:

HIPAA COMPLIANCE for Small & Mid-Size Practices Golden State Web Solutions 619.825.GSWS (4797)

INTRODUCTION Most individuals reading this are interested in HIPAA, GSWS, or some combination of the two; and the 2 most common questions asked are usually as follows: WHY SHOULD MY PRACTICE START COMPLYING WITH HIPAA? We could say It s the law and leave it at that, but let s take it a little further and look at what it adds to your practice. Other benefits include: Demonstrating to your patients that you care about their privacy. Incoming doctors (potential successor) will expect compliance. Improving operational procedures, efficiency and accuracy. Significantly reduce your exposure to data breaches and/or fines. WHY SHOULD GSWS BE YOUR CHOICE OF AUDITOR? GSWS has been managing medical practice networks and client data for years in a HIPAA compliant manner. We already know the requirements for getting (and staying) compliant. When clients started getting estimates, the quotes were expensive enough to make the process cost-prohibitive. Running in that wall enough times, we decided to start conducting audits ourselves. GSWS recognizes the need for audit assessment services at a cost that s affordable to small and mid-size healthcare practices. We will explain everything, set you up for success, and provide all the documentation you need if an auditor shows up at your door. SOUND GOOD ENOUGH ALREADY? SPEAK WITH US! To speak with someone, contact us at or 619-825-4797. Otherwise, we hope you find this document helpful and feel free to contact us with any questions you may have. PLEASE NOTE: This document is intended as an informational guide only, and has been greatly condensed. GSWS is not a law firm, and this is not legal advice. If you are seeking legal advice, you should contact an attorney.

HIPAA: WHAT IT IS & WHAT TO KNOW In simplest terms, HIPAA is the Health Insurance Portability and Accountability Act that sets the standard for protecting sensitive patient data. HIPAA regulations address the saving, accessing and sharing of medical and personal information of any individual, as well as outline the security standards to protect health data, also known as PHI (Protected Health Information). Any organization that deals with PHI must ensure that all the required physical, network, and process security measures are in place and followed. This includes covered entities (anyone who provides treatment, payment and operations in healthcare), and business associates (anyone with access to patient information and/or provides support in treatment, payment or operations). Subcontractors, or business associates of business associates, must also adhere to these standards and regulations. The word reasonable appears dozens of times in the HIPAA regulations. HIPAA law requires that CEs and BAs take reasonable steps to protect PHI from reasonably anticipated threats. If you are ever investigated for a HIPAA violation, and you acted in good faith and made reasonable efforts to do what HIPAA requires, your liability will be much lower than if you neglected your HIPAA obligations and/ or did not act in good faith.

COMMON QUESTIONS It s important to understand what HIPAA means to better protect your organization and the sensitive data that it holds. We gathered some of the most common questions about HIPAA and broke down what every single healthcare company in the U.S. needs to know. WHAT IS HIPAA? HIPAA, the Health Insurance Portability and Accountability Act, is a federal law that protects the privacy and security of health data. Initially passed in 1996, updated by a law called HITECH in 2009 and in 2013, (under the larger Omnibus rule) rolled the requirements of all 3 legislations into 1 act. For the sake of sanity, HIPAA, HITECH, and the Omnibus Rule all refer to the same concept: the HIPAA regulations. While it does include regulations and standards, it also allows some flexibility in how the regulations and standards can be addressed (i.e. data, data criticality, amount of employees, number of locations, etc.). That s where HIPAA gets more complicated, and we recommend you speak to a cybersecurity and compliance expert. WHO REGULATES HIPAA? HIPAA regulations are enforced by the Office for Civil Rights (OCR) of the U.S. Department of Health and Human Services (HHS). WHO DOES HIPAA AFFECT? In short, everyone. Medical practitioners are responsible for managing client data within HIPAA s compliance regulations. Patients are affected with how their PHI/PII is classified and its levels of privacy. WHAT IS PHI/PII? PHI stands for Protected Health Information and PII stands for Personally Identifiable Information. In its most abbreviated description, PHI/ PII is any data unique to the individual/record. Examples include any information relating to an individual s past, present, or future physical or mental health or condition. Outside of medical information, it expands into information such as name, address, birthdate, and Social Security Number. Your only proof of HIPAA compliance is the paperwork and other evidence you create. For overall HIPAA compliance, it certainly helps to do the right things, and avoid those things HIPAA prohibits. If you cannot show evidence of your actions later, whether in court or in an OCR investigation or audit, all your efforts are in vain. HIPAA requires you to retain HIPAA-related documents for a minimum of six (6) years from the date a document was created or was last in effect, whichever is later. This does not refer to clinical, medical records, but to your HIPAA-related documents. HIPAA does not have a retention requirement for actual medical records, but leaves that issue to state laws and other federal laws.

WHAT IS REQUIRED TO BE HIPAA COMPLIANT? The HIPAA framework includes 18 standards and a total of 36 implementation specifications that detail the framework for compliance To see a complete list of standards and regulations, please see the 18 HIPAA Identifiers and HIPAA Security Regulations & Standards sections of this document. HOW CAN I MAKE SURE HIPAA REQUIREMENTS ARE MET? The most common way for your medical practice to ensure requirements are met is to hire a consultant (like us) to navigate you through the process. It can be tricky, and the penalties can be expensive, so it s not something to be taken lightly. Upon completion, your practice will have a complete HIPAA reference manual, fully updated with all the information required from an audit. We give you exactly what a potential HHS HIPAA auditor will be looking for. IF I HIRE YOU FOR AN AUDIT, WILL THIS ALL GO AWAY? Nice thought, but no. Compliance with the HIPAA Security Regulation is an ongoing process with periodic reviews and evaluations required. Best practice includes consistent reviews. Reviews can be based on the calendar year (i.e. every 6 or 12 months) or when there is a significant change to the organization (individuals leave, new hires, changes in technology, etc.). Additionally, part of the HIPAA framework adoption process states someone must be identified as the designated HIPAA Security Officer for the practice. This can be an employee within the organization, or by a third party. Part of the overall process will define what makes best sense for the organization. HOW CAN I START MY HIPAA COMPLIANCE PROCESS? Contact us at or 619-825-4797. First thing we are going to do is simply get together and discuss how the process works. There is no pressure, requirement to sign up nor any cost for an initial consultation. We look forward to speaking with you. PLEASE NOTE: This document is intended as an informational guide only, and has been greatly condensed. GSWS is not a law firm, and this is not legal advice. If you are seeking legal advice, you should contact an attorney.

HIPAA VIOLATIONS & PENALTIES What happens if you violate HIPAA? That depends of the severity of the violation. OCR prefers to resolve HIPAA violations using non-punitive measures, such as with voluntary compliance or issuing technical guidance to help covered entities address areas of non-compliance. However, if the violations are serious, have been allowed to persist for a long time, or if there are multiple areas of noncompliance, financial penalties may be imposed. HIPAA VIOLATION PENALTY TIERS First Tier The covered entity did not know and could not reasonably have known of the breach. The four categories used for the penalty structure are Category 1 A violation that the covered entity was unaware of and could not have realistically avoided, had a reasonable amount of care had been taken to abide by HIPAA Rules Category 2 A violation that the covered entity should have been aware of but could not have avoided even with a reasonable amount of care. (but falling short of willful neglect of HIPAA Rules) Category 3 A violation suffered as a direct result of willful neglect of HIPAA Rules, in cases where an attempt has been made to correct the violation Category 4 A violation of HIPAA Rules constituting willful neglect, where no attempt has been made to correct the violation HIPAA Violation Penalty Structure Each category of violation carries a separate HIPAA penalty. It is up to OCR to determine a financial penalty within the appropriate range. OCR considers a number of factors when determining penalties, such as the length of time a violation was allowed to persist, the number of people affected and the nature of the data exposed. An organization s willingness to assist with an OCR investigation is also taken into account. The general factors that can affect the level of financial penalty also include prior history, the organization s financial condition and the level of harm caused by the violation. Second Tier The covered entity knew, or by exercising reasonable diligence would have known of the violation, though they did not act with willful neglect. Third Tier The covered entity acted with willful neglect and corrected the problem within a 30-day time period. Fourth Tier The covered entity acted with willful neglect and failed to make a timely correction. Category 1: Minimum fine of $100 per violation up to $50,000 Category 2: Minimum fine of $1,000 per violation up to $50,000 Category 3: Minimum fine of $10,000 per violation up to $50,000 Category 4: Minimum fine of $50,000 per violation

The fines are issued per violation category, per year that the violation was allowed to persist. The maximum fine per violation category, per year, is $1,500,000. HIPAA Criminal Penalties In addition to civil financial penalties for HIPAA violations, criminal charges can be filed against the individual(s) responsible for a breach of PHI. Criminal penalties for HIPAA violations are divided into three separate tiers, with the term and an accompanying fine decided by a judge based on the facts of each individual case. As with OCR, a number of general factors are considered which will affect the penalty issued. If an individual has profited from the theft, access or disclosure of PHI, it may be necessary for all moneys received to be refunded, in addition to the payment of a fine. The tiers for HIPAA criminal penalties are Tier 1 Reasonable cause or no knowledge of violation. Up to 1 year in jail. Tier 2 Obtaining PHI under false pretenses. Up to 5 years in jail. Tier 3 Obtaining PHI for personal gain or malicious intent. Up to 10 years in jail. If a violation does occur, the investigation that follows will involve research and interviews to determine, among other things, what threats you reasonably anticipated, and what specific steps you took to guard against them. If you did everything right and a violation still happens, your liability is relatively low. If a violation happens and you did not take appropriate steps to guard against reasonably anticipated threats, your liability will be much higher.

THE 18 HIPAA IDENTIFIERS The HIPAA privacy rule sets forth policies to protect all individually identifiable health information that is held or transmitted by a covered entity. This information can be used to identify, contact, or locate a single person or can be used with other sources to identify a single individual. When personally identifiable information is used in conjunction with one s physical or mental health or condition, health care, or one s payment for that health care, it becomes Protected Health Information (PHI). These are the 18 HIPAA Identifiers that are considered personally identifiable information: 1. Name 2. Address (all geographic subdivisions smaller than state, including street address, city county, and zip code) 3. All elements (except years) of dates related to an individual (including birthdate, admission date, discharge date, date of death, and exact age if over 89) 4. Telephone numbers 5. Fax number 6. Email address 7. Social Security Number 8. Medical record number 9. Health plan beneficiary number 10. Account number 11. Certificate or licence number 12. Vehicle identifiers and serial numbers, including license plate numbers 13. Device identifiers and serial numbers 14. Web URL 15. Internet Protocol (IP) Address 16. Biometric identifiers, including finger and voice prints 17. Photographic image (images are not limited to images of the face) 18. Any other characteristic that could uniquely identify the individual DECEDENT RESEARCH Be aware that the HIPAA Privacy rule protects individually identifiable health information of deceased individuals for 50 years following the date of death. If the research will include any identifiers linked to living persons or involves accessing death records maintained by the State Registrar, local registrars, or county recorders, the project must be approved by the IRB in advance. If a communication contains any of these identifiers, or parts of the identifier, such as initials, the data is to be considered identified. To be considered de-identified, ALL of the 18 HIPAA Identifiers must be removed from the data set. This includes all dates, such as surgery dates, all voice recordings, and all photographic images.

HIPAA SECURITY REGULATIONS & STANDARDS ADMINISTRATIVE SAFEGUARDS 45 C.F.R. 164.308 1. Security Management Process a. Risk Analysis (Required) b. Risk Management (Required) c. Sanction Policy (Required) d. Information System Activity Review (Required) 2. Assigned Security Responsibility 3. Workforce Security a. Authorization and/or Supervision Policy (Addressable) b. Workforce Clearance Procedures (Addressable) c. Termination Procedures (Addressable) 4. Information Access Management a. Isolating Healthcare Clearinghouse Function (Required) b. Access Authorization (Addressable) c. Access Establishment and Modification (Addressable) 5. Security Awareness and Training a. Security Reminders (Addressable) b. Protection from Malicious Software (Addressable) c. Log-in Monitoring (Addressable) d. Password Management (Addressable) 6. Security Incident Procedures a. Response and Reporting (Required) 7. Contingency Plan a. Data Backup Plan (Required) b. Disaster Recovery Plan (Required) c. Emergency Mode Operation Plan (Required) d. Testing and Revision Procedures (Addressable) e. Applications and Data Criticality Analysis (Addressable) 8. Evaluation 9. Business Associate Contracts and Other Arrangement a. Written Contracts or Other Arrangement (Required) PREPARE IN ADVANCE! A response plan should be created that defines who does what, in what order, if an audit or investigation happens. Plan for a surprise onsite visit as well as a notifiedin-advance scenario. BE COMPLAINT FRIENDLY Treat each complaint as an opportunity to make someone happy, and build your reputation as a friendly place to do healthcare business. People who file a complaint generally believe a wrong has really occurred, and they want to be treated with dignity and espect. PHYSICAL SAFEGUARDS 45 C.F.R. 164.310 10. Facility Access Controls a. Contingency Operations (Addressable) a. Facility Security Plan (Addressable) b. Access Control and Validation Procedures (Addressable) c. Maintenance Records (Addressable)

11. Workstation Use. 12. Workstation Security. 13. Device and Media Controls. a. Disposal (Required). b. Media Re-use (Required). c. Accountability (Addressable). d. Data Back-up and Storage (Addressable). TECHNICAL SAFEGUARDS 45 C.F.R. 164.312 14. Access Control. a. Unique User Identification (Required). b. Emergency Access Procedure (Required). c. Automatic Log-Off (Addressable). d. Encryption and Decryption (Addressable). 15. Audit Control. 16. Integrity. a. Mechanism to Authenticate ephi (Addressable). 17. Person or Entity Authentication. 18. Transmission Security. a. Integrity Controls (Addressable). b. Encryption (Addressable). POLICIES, PROCEDURES, AND DOCUMENTATION REQUIREMENTS 45 C.F.R. 164.316 19. Policies and Procedures 20.Documentation a. Time Limit (Required) b. Availability (Required) c. Updates (Required) ORGANIZATIONAL REQUIREMENTS 45 C.F.R. 164.314 21. Business Associate Contracts or Other Arrangements a. Business Associate Contracts (Required) b. Other arrangements (Required) c. Business Associate Contracts with Sub-Contractors (Required) SOURCE: AOA HIPAA Security Regulation Compliance Manual

ADDITIONAL RESOURCES U.S. Department of Health & Human Services HHS main website: https://www.hhs.gov HHS HIPAA information for Professionals: https://www.hhs.gov/hipaa/for-professionals/index.html HHS HIPAA information for Individuals: https://www.hhs.gov/hipaa/for-individuals/index.html National Institute of Standards & Technology (NIST) An Introductory Resource Guide for Implementing the Health Insurance Portability and Ac countability Act. (HIPAA is based on the NIST Cybersecurity framework). Free downloadable pdf: https://www.hhs. gov/sites/default/files/ocr/privacy/hipaa/administrative/securityrule/ nist80066.pdf HIPAA details for Optometric Practitioners: AOA https://www.aoa.org/optometrists/tools-and-resources/hipaacompliance?sso=y HIPAA details for Dental Practitioners: ADA http://www.ada.org/en/member-center/member-benefits/practiceresources/dental-informat ics/electronic-health-records/health-systemreform-resources/hipaa-privacy-security HIPAA details for Chiropractors: American Chiropractic Association https://www.acatoday.org/hipaa HIPAA Compliance Best Practices: HIPAA Journal http://www.hipaajournal.com/hipaa-compliance-best-practices-8809/ Golden State Web Solutions https:// Free Cybersecurity Awareness Training Online, On-Demand resource for educating employees: https://gsws.com/security/cybersecurity-awareness-training/

CERTIFICATIONS AND ORGANIZATIONS ABOUT GSWS (GSWS) opened in 1994 as a startup internet technology company, offering website design, site maintenance, email, hosting and domain name registration. Fast forward to today and providing clients with Cybersecurity solutions has become our primary focus. We still provide Managed IT, Web Development and Hosting services as always, but our core focus is on the security and compliance requirements placed upon our client s business needs. This simply means if you are our client, our primary focus is on what is most critical to you. This can be security centered, compliance related and/or just the overall way your organization is using technology to improve processes. Working together in that capacity, the structure and management of technology will inherently fall in order in a way that overall better supports your organization s needs and business objectives. We are a close-knit team of highly skilled (and personable) individuals who work closely together. Whether we are guiding a client through a security assessment report or presenting a tailored cybersecurity solution, our knowledge, skills, respect, quality service and care provides our clients support of their organization s technology needs and requirements. Everything starts with an initial consultation or vulnerability assessment, so we can speak to you as to what specifically affects your organization. Contact us with any questions you may have at 619-825-4797 or email us directly at. We look forward to speaking with you. For additional information, please visit:

2024 © financedocbox.com Privacy Policy | Terms of Service | Feedback