HIPAA & HITECH Compliance

As a trusted IT advisor to numerous collectively bargained multiemployer benefit plans, Locktight Solutions has developed an expertise in designing, building and maintaining HIPAA and HITECH compliant systems. We make it our business to understand the rules under which multiemployer plans must operate, and take great pride in the fact that no other IT consulting firm can match our expertise in this area.

HIPAA Compliance

Locktight Solutions is experienced in building HIPAA compliant systems. We work with clients to remediate deficiencies in their systems, implementing changes that help them meet HIPAA security requirements.

"Locktight truly understands the unique needs of multiemployer plans. They've worked closely with us to make sure that our system meets all HIPAA security requirements. We're extremely satisfied with the results."

The purpose of Health Insurance Portability and Accountability Act of 1996 ("HIPAA") is to prevent the inappropriate use and disclosure of private health information. Licensed medical providers, healthcare clearinghouses and health plans (including Taft-Harley Funds/multiemployer benefit plans) are considered "covered entities" under HIPAA. As such, these entities are required to comply with all HIPAA security regulations. Specifically, these organizations must protect the health information they receive and the systems which store, transmit and process that information.

With a growing reliance on information technology in the healthcare industry and the adoption of electronic medical records, it is crucial to ensure the safe handling of sensitive data. Additionally, the passage of the HITECH Act (part of the American Recovery and Reinvestment Act of 2009) has increased the criminal penalties associated with HIPAA not only to covered entities, but to individual employees of covered entities and business associates. This renewed focus on HIPAA makes it even more important for organizations to ensure appropriate controls and safeguards have been implemented to prevent unauthorized access and disclosure of sensitive data.

Locktight Solutions has assisted multiemployer funds across many industries in building HIPAA compliant systems. Let us show you how. For a free consultation, click here.

HITECH Act Compliance

Locktight Solutions assists multiemployer health plans in leveraging the HITECH Act's Safe Harbor Act.

The Health Information Technology for Economic and Clinical Health Act (HITECH) imposes certain requirements on "Covered Entities" (such as multiemployer health plans) and their business associates in the event of certain security breaches relating to Protected Health Information.

"Like many other multiemployer plans, we partner with Locktight Solutions to ensure that our systems are HIPAA and HITECH compliant."

For example, the HITECH Act requires group health plans to provide notice to affected individuals when there is a breach involving their unsecured Protected Health Information. The only way to avoid breach notification requirements is to take advantage of the HITECH Act's Safe Harbor Act. In a statement issued in 2009, the U.S. Department of Health and Human Services specified that only encryption or destruction can render Protected Health Information secure for purposes of the breach notification rules. Therefore, if a group health plan encrypts protected Health Information or destroys it, the plan effectively eliminates breach notification requirements and its associated costs.

Locktight Solutions assists Covered Entities such as multiemployer benefit plans secure sensitive health information using enterprise-grade encryption (whether self-contained or centrally managed). Information can easily be encrypted without performance degradation, rewriting applications, or management costs. For a free consultation, click here.