Understanding compliance requirements and the vendor solutions that best address them is a challenge for healthcare providers, especially for physicians, clinics and surgery centers that don’t have staff time to dedicate to this issue.

There are many security and storage vendor solutions that qualify for meaningful use, including: Identity and Access Management, Network, Web and eMail Security, Archival, Backup and Business Continuity Storage Solutions. These vendors produce educational materials and conduct webinars to educate their channel partners and prospective customers, although they risk appearing self-serving by promoting their own solutions. Large accounting and consulting firms, such as McKinsey & Company, KPMG, PriceWaterhouseCoopers, and Grant Thornton have established Compliance Audit and Consulting Practices, but they are quite expensive for small to medium businesses. VARs and Solution Providers can try to educate themselves on the regulations and available solutions in order to advise their customers, but that requires a significant investment in time.

Alternately,VARs and Solution Providers can get assistance from www.egestalt.com, an organization that has developed a security and compliance analysis, audit and remediation methodology for small to medium sized healthcare providers and their business associates.

“The HIPAA Security and Compliance solution that we deliver includes an augmented knowledge base that allows channel partners and their end users to better understand the regulations, with best practices, policies and procedures built into the tool,” said Anupam Sahai, President of eGestalt. “It enables channel partners to become a trusted advisor to their end customers on compliance requirements. The methodology or framework comes complete with audit questions that help resellers identify their customers’ security and compliance problems and automatically generates a formal report with recommended solutions to fix those problems. The methodology bridges the gap between the regulations and the deployment of technologies that support HIPAA compliance.”

“We enable channel partners to offer packaged managed HIPAA or PCI-DSS compliance solutions, including a compliance assessment, i.e. a gap analysis, risk analysis and a recommendation for remediation steps. On the basis of the assessment and gap analysis, the reseller can understand the customer’s need and then be in the position to offer security and storage solutions to address those needs.

An eGestalt HIPAA Compliance Assessment and Gap Analysis that is conducted by a reseller might identify that the end customer does not have adequate network security, possibly requiring a firewall or a broader Unified Threat Management solution. Other possible opportunities could include: anti-virus, identity and access management, encryption, log management, backup and recovery or archival storage, among others.

Once the healthcare provider achieves compliance, there is also a follow-on sales opportunity to contact the provider’s Business Associates who are also required to comply with the safeguards established in the HIPAA (Health Insurance Portability and Accountability Act) Security Rule to ensure they are in compliance,” said Sahai.

eGestalt encourages channel partners to build their portfolio of third party vendor solutions to support their customers. In addition to educational materials and webinar instruction that gets resellers ready to sell the solution and become a HIPAA/HITECH trusted business advisor, eGestalt offers a comprehensive channel partner program with technical, marketing and sales guidance for channel partners. More information can be obtained at www.egestalt.com.

The post VARs and Solution Providers can get assistance from Aegify appeared first on Aegify.