cyberehr-logo
CyberEHR is a specialized Governance, Risk and Compliance Platform designed specifically for hospitals and health systems.

In a sea of rising cyber security issues, there are major challenges confronting Healthcare providers, including:
• Monitoring and managing the organization’s regulatory compliance.
• Monitoring and managing the cyber security readiness of the organization and its supply chain
• Effectively providing meaningful metrics to stakeholders and decision makers.

  What is CyberEHR?

CyberEHR is an end to end Risk Management Solution. The platform assists IT, Compliance and Risk Management departments by giving them an integrated system that helps with identifying and tracking security and compliance issues.


Benefits & Features:

• Easy to use and implement
• Issue Tracking and Remediation Management
• Provides meaningful metrics to the organizations stakeholders
• Audit Reporting


Contact us today for a Demo

HIPAA Background

The HIPAA Security Rule establishes national standards for the security of electronic protected health information. It specifies a series of administrative, technical, and physical security safeguards for covered entities and their business associates to assure the integrity, availability, and confidentiality of electronic protected health information. Compliance with the Security rule was required as of April 20, 2005, for most entities covered by HIPAA, and by September 23, 2013, for their business associates.

The cost of not having your ducks in a row

The authority to administer and enforce the Security Rule was transferred to OCR on July 27, 2009.

Since that time, there have been over 30 civil money penalties handed out for non-compliance. While the average penalty amount is $850,000, fines do regularly exceed the $3M mark.

As of January 31, 2016, over 69% of the organizations investigated since April 13, 2003 by the Office of Civil Rights required corrective action!

OCR Phase 2 Audits

An additional concern for organizations is the announcement of random HIPAA compliance audits being carried out by OCR. Every covered entity and business associate will be eligible to be audited regardless of size or type. Organizations that are found to have serious compliance issues, may initiate a compliance review for further investigation.