HIPAA Privacy and Security

The Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule provides federal protections for individually identifiable health information held by covered entities and their business associates. The Security Rule specifies a series of administrative, physical, and technical safeguards for covered entities and their business associates to use to assure the confidentiality, integrity, and availability of electronic protected health information.

The Health Information Technology for Economic and Clinical Health (HITECH) Act amended HIPAA to require covered entities to create and implement information-security policies covering Protected Health Information (PHI) that is electronically transmitted or maintained.

Medcom Benefit Solutions offers multiple ways to ensure your company's HIPAA compliance.


Medcom provides comprehensive on-site or web-delivered HIPAA-HITECH Training. HIPAA-HITECH Training sessions help educate employees on HIPAA Privacy and Security laws. This helps companies better protect the privacy and security of protected health information. Training sessions may include the development of policies and procedures for implementing a HIPAA-compliant program.

Key Features and Benefits of Medcom's Training:

  • Personalized and customized solutions for employers of all types and sizes
  • Presented by qualified, experienced professionals
  • Provides a customized solution for self-funded employers, open enrollment counselors, management training, HR professionals, IT staff, healthcare industry personnel, and others
  • Meets annual training requirements
  • Helps the employer create a culture of privacy and security

Medcom’s expert instructors have provided training for professionals in diverse industries such as healthcare, insurance, governmental agencies, education, transportation, manufacturing, retail, and hospitality. A certificate of training is provided upon completion of the course.

HIPAA Privacy Package

We also provide a HIPAA Privacy Package that includes the following customized documents:

  • HIPAA Privacy Policies
  • HIPAA Privacy Notice
  • Confidentiality Agreement
  • Business Associate Agreement Template
  • HIPAA Privacy Forms
    • Authorization & Revocation
    • Person Representative Designation
    • Request for Confidential Communications
    • Request for Access
    • Request for Restriction
    • Request for Amendment
    • Request for Accounting

Risk Assessment

The Security Risk Assessment and Risk Management Plan is divided into two sections and can be delivered in one of two ways:

  • Employers complete the questionnaire on their own then receive a report
  • Medcom will walk you through the questionnaire to ensure accuracy and efficiency

*Both options are accompanied by two hours of consulting services from one of our highly trained, HIPAA certified, experts.

Risk Assessment & Management Sections:

  1. Section one benefits is structured for employer-sponsored health plans and benefits from the knowledge of the Plan Sponsor, designated Privacy officer, or the organization’s Human Resources professional. Knowledge of the company’s health plans is a must for section one.
  2. Section two focuses on the IT section of an organization. This section can be completed in more than one sitting and requires an individual with technical knowledge regarding the company’s processes and procedures.

HIPAA Compliance Review

Medcom’s HIPAA Privacy & Security Compliance Review helps employers audit their HIPAA Program from a compliance perspective. This solution, designed for self-funded health plans, is similar to what companies may expect from the Department of Health & Human Services.

The HIPAA Compliance Review includes:

  • Security Rule Audit
    • Review of Security Risk Assessment, Physical Risk Assessment, and Administrative Risk Assessment
    • Review of Risk Management Plans and Policies and Procedures
    • Review of Business Contingency Plan
    • Plus more
  • Privacy Audit
    • Analysis of Notice of Privacy Practices
    • Review of Business Associate Agreement
    • Review of HIPAA Privacy Policies and Procedures
    • Privacy Officer job description
    • Plus more
  • Breach Notification Rule Review

Medcom works closely with employers to meet their unique needs in an increasingly challenging regulatory environment.

The HIPAA Compliance Review is an audit only and does not provide any policies, procedures, or training.

Request A Proposal

Which services would you like to learn more about?
Request A Proposal

Other Solutions

Stay Connected