We offer clients support in achieving HIPAA compliance in their datasets and processes through our statistical analyses, assessments, expert determination, and guidance in health data compliance strategies.
Read more in our offerings below…
Read more in our offerings below…
HIPAA Expert Determination and Statistical Disclosure Risk Reports
The topic of disclosure risk has generated considerable interest in the last few years as available data has increased, and technology has developed. Companies should be mitigating the potential of identifying participants in a released dataset.
HIPAA Expert Determination
45 CFR § 164.514 (b):
“A covered entity may determine that health information is not individually identifiable health information only if:
(1) A person with appropriate knowledge of and experience with generally accepted statistical and scientific principles and methods for rendering information not individually identifiable:
(i) Applying such principles and methods, determines that the risk is very small that the information could be used, alone or in combination with other reasonably available information, by an anticipated recipient to identify an individual who is a subject of the information; and
(ii) Documents the methods and results of the analysis that justify such determination“
It is strongly recommended, that an independent statistician meticulously performs the appropriate analytics in a planned released HIPAA de-identified dataset since each application is different in terms of the potential attributes which could be released, and also the possible values in the actual attributes. There might be additional risks which can only be revealed through continuous exploration of the available ‘raw’ dataset.
Mirador can provide an independent statistical review and expert determination of your data relation to your statistical disclosure risk.
Please get in touch to find out more about the expert determination method of de-identification.
Other Statistical Disclosure Risk Assessments
Using our experience and knowledge of HIPAA guidelines and Protected Health Information (PHI), we can help clients assess their own data-sets for the levels of risk they impose and where they could strengthen their data de-identification and further protect personal data privacy
HIPAA Health Data Compliance Support and Guidance
When developing new product processes that involve sensitive data, reviewing the compliance of existing processes, and/or linking deidentified health data to other datasets, organizations need to be aware of the risks involved in these processes to their data.
Mirador Analytics can offer guidance and support both with existing processes or new product and solutions, whatever stage they are at.
This guidance can include;
HIPAA Security Rule Guidance
In regards to HIPAA, the Security Rule adopts the standards for the security of ePHI (electronic Protected Health Information) . The final Security Rule requires covered entities to safeguard the availability, confidentiality, and integrity of ePHI, and the later introduced HITECH act changes extend many of the security rule's practices to business associates as well.
We can help you assess whether you are following the guidelines of the HIPAA security rule in regards to administrative, technical, physical safeguards, as well as other requirements.