Subscription Plan Update for 2017

In 2017 there were many updates and enhancements to our Subscription Plan

New products include:

 Also, in early 2018, we added compliance products for the General Data Protection Regulation ("GDPR") as promulgated by the European Union ("EU") that goes into effect May 2018. These new products include:

  • GDPR Overview and 10 Step Implementation Training
  • Documentation for Notices of Privacy Practices
  • GDPR Model policies for Privacy, Security and Breach Notification
  • GDPR Personal Data Risk Assessment (coming soon to Expresso)
  • GDPR Overview Training & 10 Step Implementation

Expresso®: The Risk Assessment Express

Expresso® Release 1.4 has been enhanced with new reports:

Release 1.4 contains enhanced reporting features with the ability to enter notes (Alerts, Procedures, and Miscellaneous) regarding Risks (e.g. as justification for risk decisions) as well as Security Objects. This key feature enables a CE or BA to document justification for Risk Assessments in the event of an HHS Audit.

  1. Print your Risk Assessment with Notes!
  2. Print Risks or Security Objects with Notes by High, Medium or Low status.
  3. Print Risks by Assigned Party.
  4. Add Company and Contact information to the header of your reports.

Privacy Rule

The Privacy Rule has been enhanced with the following updates and modifications:

  1. A PHI Access Request Form has been added. You will also now be able to go to all our Model Forms via a menu selection in Customer Hub.
  2. A Model Sanction Policy has been added including annotations.
  3. Minor formatting modifications were made to the PHI Amendment Form and the PHI Accounting for Disclosure Form.
  4. Compliance Officer Letter of Authority has been added to the Privacy Rule Checklist
  5. We have added a more complete Training Results spreadsheet that helps your organization more effectively capture training results for all of our courses.

Agile Methodology and Risk Management Framework

Given the importance that HHS has recently placed on methodologies and frameworks, we have created an Agile Methodology & Risk Management Framework ("RMF") product for Subscribers only. We have been writing about Agile and Risk Management Frameworks for quite some time now. That thinking has permeated our products and underpinned them for quite some time now.

However, we thought that it was critical for our customers (and prospects) to understand that our Subscription Plan is not a set of loosely joined software, products, templates, and tools, but rather all of it is underpinned by a Methodology that helps you establish the kind of Program HHS is interested in seeing stakeholders adopt. That is, a Program that transforms your compliance DNA into a “Culture of Compliance.” Further, our Subscription Plan represents a coherent set of interlocking pieces that ensure coverage of all requirements within the HIPAA Rules (i.e. Privacy, Security, and Breach Notification).