ISI is pleased to announce it has gone through a HIPAA recertification through ecfirst and the HIPAA Academy™ on their most recent Risk Analysis, conducted in April of 2016. The Risk Analysis assessed ISI’s compliance with the objectives of the HIPAA Privacy and Security Rules and the HITECH Act. Compliance is a mandate for ISI because they enjoy Business Associate status while working with Covered Entities in the healthcare sector.
ISI Telemanagement began working with ecfirst in October of 2006 to conduct activities such as Risk Analysis and Vulnerability Assessments. Both the Risk Analysis and Vulnerability Assessments are based on the requirements of the HIPAA Privacy and Security Rule. The Risk Analysis is based upon on-site interviews with key staff and management team members, documentation review, review of the ISI offices, and Data Center. The Vulnerability Assessments investigate the existence of any technical vulnerabilities that might jeopardize the confidentiality, integrity, and availability of electronic Protected Health Information (ePHI).
"We are very excited about the recertification by ecfirst,” said Laura Huska, Head of IT. “HIPAA continues to be a critical certification for ISI as many of our healthcare clients rely on this standard to meet their compliance needs when using ISI’s UC Reporting application.” According to ecfirst, ISI completed most of the remediation work from their last analysis and continued to conduct proactive information system activity reviews through the GFI EventsManager system.
ISI's Infortel® Select solution is assessed to certify its effectiveness in maintaining the confidentiality, integrity, and availability of electronic Protected Health Information (ePHI). This compliance achievement means that any Business Entity requiring ISI’s Unified Communications (UC) Reporting solution can trust ISI with their most sensitive data and know that they are HIPAA and HITECH compliant.