← Back to BLOG

Learn about Get Your Arms Around HIPAA and HITECH

Learn about Get Your Arms Around HIPAA and HITECH

On April 26th, Frank Ableson, owner of navitend and Patrick Felicetta, Director, National Partner Program HIPAA Secure Now! came together with Robert Reyes, Administrator, and Lance Abolos, Director of Admissions, CareOne at Hanover to provide an event called “Get Your Arms Around HIPAA and HITECH”.  Both Frank and Patrick have been providing HIPAA and HITECH information to Administrators of Assisted Living and Skilled Nursing Facilities across NJ.  The partnership for providing this information was very successful and both CALA and LNHA received 2 Continuing Education Credits for their profession from the American College of Healthcare Administrators NJ Chapter.  NJACHA

Attendees were asked to name the top three resources in their workplace such as tools, roles of people, and information that they need in order to accomplish their mission.  And if a threat had come to these identified resources which would keep them from advancing in their work how would the react?

Every organization faces risk.  The type of risk and how it is dealt with may differ, but every organization should know that no matter how big or small they are, they should have a contingency plan in place to deal with potential factors outside of the company’s control.

Sensitive data should be protected based on the potential impact of a loss of confidentiality, integrity, or availability.  Limiting functionality and defining security weaknesses to give attackers as few opportunities as possible to breach a system should be a number one goal for your organization.

With this in mind Frank discussed confidentiality, integrity, and availability, commonly known as the CIA Triad where confidentiality is a set of rules that limits access to information, integrity is the assurance that the information is trustworthy and accurate, and availability is a guarantee of reliable access to the information by authorized people.

Patrick Felicetta discussed what a HIPAA Risk Assessment is and why an organization needs one.  During his talk he explained that all e-PHI created, received, maintained or transmitted by an organization is subject to the Security Rule which requires entities to determine risks and vulnerabilities in their environments and to implement appropriate security measures to protect against anticipated threats or hazards to the security or integrity of e-PHI.  To accomplish this a Risk Assessment needs to be done by all covered entities.  The risk assessment is an honest assessment of the areas in which your organization is at risk of breaching protected health information (PHI) whether it be written or electronic.

Lastly Patrick gave some myths regarding HIPAA Risk Assessments.  Like the following:

The security risk analysis is optional for small providers.  False. All providers who are “covered entities” under HIPAA are required to perform a risk analysis.

Simply installing a certified EHR fulfills the security risk analysis MU requirement.  False. Even with a certified EHR, you must perform a full security risk analysis. Security requirements address all electronic protected health information you maintain, not just what is in your EHR.

My EHR vendor took care of everything I need to do about privacy and security.  False. Your EHR vendor may be able to provide information, assistance, and training on the privacy and security aspects of the EHR product. However, EHR vendors are not responsible for making their products compliant with HIPAA Privacy and Security Rules. It is solely your responsibility to have a complete risk analysis conducted.

A checklist will suffice for the risk analysis requirement.  False. Checklists can be useful tools, especially when starting a risk analysis, but they fall short of performing a systematic security risk analysis or documenting that one has been performed.

My security risk analysis only needs to look at my EHR.  False. Review all electronic devices that store, capture, or modify electronic protected health information. Include your EHR hardware and software and devices that can access your EHR data (e.g., your tablet computer, your practice manager’s mobile phone). Remember that copiers also store data.

I only need to do a risk analysis once.  False. To comply with HIPAA, you must continue to review, correct or modify, and update security protections.            

This event can be provided at your facility contact Patrice Schaffer, Business Development Specialist, navitend, or call 973.448.0070 ext 312.


  • "Our company is more efficient and has grown as a result of navitend’s work. navitend helped us get to the next level."

    Greg Niccolai / Madison Insurance
  • Do you need IT help? Are you tired of being frustrated by technology issues? Would you like to go to work everyday and know that all those headaches are being taken care of? Then look no further, navitend is your answer.

    Kathy Molyneaux - Friends Life Care Partners
  • "navitend has been a great IT partner for our company.  Their helpdesk response time is the best I have experienced in my 30 year career.  navitend has helped me to have great IT services without the need to have a full time, in house, technician at significant savings to our company."

    Bob Bradley, President, Bradley Graphics
  • It works!!  You rock!!!!!!!!!!

    Robert Vogel, C12 Group San Antonio
  • Having had IT support in the past that left a lot to be desired, working with Navitend is a refreshing change! They are always responsive, knowledgeable, and courteous no matter whether the problem is huge or even user error. I am so grateful my organization changed to navitend!!

    United Way
  • "You guys are OUTSTANDING! Thanks for all you’ve done to make this transition seamless."

    John Bryant, CEO, Christ's Home
  • “Navitend’s expertise helped our firm over the past year to effectively elevate our I.T. game, powering our website into a highly interactive tool. Well done to Frank and his team!”  

    Chuck Steege, CFP®, CEP, President, SFG Wealth Planning Services, Inc.
  • "We've dedicated our lives to growing our retail and ecommerce business and it's a relief to have found a company like navitend who treats our business likes it's their own. navitend's personal approach to project management and problem solving are top-notch."

    Stamatis, Co-owner Twisted Lily, Fragrance Boutique and Apothecary
  • "Thanks so much again for taking care of everything in such an expedient manner. It's a pleasure to work with navitend and its staff as always!"

    Lawrence Wolfin / Textol Systems, Inc.
  • I am truly impressed by the focus the team places on the requests from our company. They listen, and no matter who I get on the phone, I get the answer that I am looking for. I can tell that they keep excellent notes, and it is because of this level of detail that engineers/technical support staff are always up to date on knowledge of our systems. They are patient, professional, and incredibly nice as individuals. They have provided assistance even on days when they were out of the office. With every request, they have made sure that they review the details with us to ensure that the information/questions were captured accurately. Truly an excellent team!!

    Josefina and Christian Abboud
  • I highly recommend navitend for their professionalism, integrity, down-to-earth advice and thoughtful recommendations. Every solution that they offer is unique and the most appropriate to their customers' needs.

    Paula Muller
  • "I am writing this to tell you how pleased the Township of Andover is with the services provided by navitend. It has been a wonderful working relationship, I am so impressed and they come with my most highest recommendation."

    Jayme Alfano / Andover Township
  • "I appreciate that they didn’t just build the application. They made it better by bringing ideas to the table that not only made for a better user experience, but also kept the development costs down."

    Andy Lynch / North Star Marketing
  • "Thanks so much!  You are a class act!  
    You and your team have really done an excellent job on this!"

    Steve Van Ooteghem, The C12 Group in Houston, Texas
  • "I look forward to working with you again in the future. Once again, thanks to your organization for your prompt response."

    Luke Wolters / Luke Wolters Tax Consultants