file folders


"Fewer than half of all respondents say that their organization has established security baselines for external partners, customers, suppliers, and vendors (43%) or requires third parties to comply with internal privacy policies (37%)."

- PWC Global State of Information Security Study



dsbm

Healthcare Plans

Compliance has become increasingly more complicated with the introduction of new guidance, regulations, and standards affecting healthcare plans.  Managing programs that ensure compliance obligations is complex, difficult and costly, particularly if manual approaches must be used. Enterprise GRC platforms are no longer viable solutions because of the time and cost needed to customize.  Avior provides automated solutions tailored to the workflows and compliance content specific to the healthcare sector and its new mandates.

With impending regulatory deadlines fast approaching and the revenue impacts of non-compliance, the healthcare industry must find solutions that can be implemented quickly and deliver value quickly.  Avior’s BenchMark solution is SaaS-based, can be deployed rapidly, and promptly provides cost savings to the healthcare sector.  With pre-built assessments, reports and an integrated workflow, BenchMark ensures that compliance programs can be automated without delay.

Avior’s indepth knowledge of the healthcare industry enables us to create solutions that automate program management for key compliance areas including ICD-10, Vendor Risk Management, and IT Security and Privacy.  Avior’s solutions allows insurers to more effectively deal with a myriad of regulations and guidance, including:


Health care Portability and Accountability Act (HIPAA) requires a new EDI standard for all insurance and Medicare transactions as of January 1, 2012 and new, expanded diagnostics codes by October 1, 2013. Payers must ensure that every affiliate who submits claims (and other transactions) comply and are compatible.  Failure to comply will result in significant lost revenue.

Health Information Technology for Economic and Clinical Health Act (HITECH Act) extends the Privacy and Security Provisions of HIPAA to business associates of covered entities. This includes the extension of newly updated civil and criminal penalties to business associates. Healthcare payers must now monitor their vendors and other business associates for compliance. HITECH provisions include data breach notification requirements for healthcare data breaches.

Centers for Medicare and Medicaid Services (CMS) Security Audits require regulated entities to conduct formal assessments of the security of HIPAA regulated data including affiliates, vendors and other business associates.

Corporate Integrity Agreements are imposed by the Department of Health and Human Services (HHS) as negotiated compliance obligations with health care providers, life science companies and other entities as part of the settlement of Federal health care program investigations arising under a variety of civil statutes. A provider or entity consents to these obligations as part of the civil settlement and in exchange for HHS’s agreement not to seek an exclusion of that health care provider or entity from participation in Medicare, Medicaid and other Federal health care programs.