Open Source Subnet An independent Open Source community View more

When HIPAA is too hard, Health Security Solutions

Outsourcing HIPAA compliance a viable option for doctors.

Health care today is a complicated business. Staying on top of the latest medical developments, treatments and technology is a full-time job. Working within the insurance company business process so you can get paid is yet another world unto itself. Running a business trying to keep people healthy (that is the goal right?) is hard enough. Making sure that you are also complying with regulations and mandates regarding HIPAA and other confidential patient informaiton rules are frankly beyond a large majority of health care providers. But compliance with HIPAA and HITECH is not optional. What should health care providers do? One answer is to call in the experts. Health Security Solutions is an MSSP (managed security service provider) that specializes in helping health care providers with HIPAA compliance.

I had a chance to sit down with the founder of Health Security Solutions, Steve Spearman and talk about what health care providers are really doing about HIPAA compliance. Steve started HSS a few years ago when he realized that he was spending a lot of his time helping doctor's offices and other health care providers understand HIPAA. He realized that many health care providers had to be compliant but didn't even know where to start. HSS is now the starting place for dozens and dozens of health care providers.

My conversation with Steve runs about 24 minutes. Though a little long, it is well worth the listen. I met Steve through my friends at iScan Online. Steve uses iScan Online for his vulnerability scanning on both mobile and network-based devices. In addition, Steve uses a good mix of best-of-breed solutions, including Sophos.

It is interesting that Steve has been able to carve out a nice business concentrating on a rather narrow focus like this. Though based down in South Carolina, Steve is servicing customers nationally. Another advantage of the MSSP model.

I had a chance to speak with one of Steve's customers, too. Alan Helbush of Where to Start, Inc. is the outsourced IT provider for Ravenswood Family Health Center in San Mateo County, California. Ravenswood has five different office locations, over 50 different health care providers and almost 300 nodes on their network. Helbush knew that while keeping Ravenswood IT network up and running was well within his expertise, making sure they were HIPAA compliant was above and beyond. He needed a HIPAA compliance expert to come in and allow Ravenswood to keep treating patients while ensuring compliance.

The Health Security Solutions managed service was "just what the doctor ordered," according to Helbush. Ravenswood continues along with its medical services, many of which are delivered to people in lower socio-economic conditions. Alan makes sure their network is up and running and HSS makes sure they are compliant. It is a great prescription for success.

We are living in an age of specialization, in medicine and technology. Health Security Solutions in many ways represents the future in IT. Jack of all trades, especially in managed security services are giving way to specialists. It will be interesting to see what other specialties emerge.

Have a listen to my conversation with Steve below. (If you don't see the media player, reload the page)

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.
Must read: Hidden Cause of Slow Internet and how to fix it
Notice to our Readers
We're now using social media to take your comments and feedback. Learn more about this here.