Reducing Legal Risk Of MSPs Working With Healthcare Clients

By Jon Senger, CTO, Vertiscale and healthcare IT and security advisor to MSPs

Recent regulations in the healthcare market have serious implications for MSPs and their healthcare clients, but the right compliance strategy can add value for everyone.

MSPs Under The Microscope

The Health Information Technology for Economic and Clinical Health (HITECH) Act of 2010 widens the scope of patient privacy and security protections under HIPAA. It increases the potential legal liability for non-compliance and results in more enforcement. It also requires that third parties who have access to protected health information (PHI), including MSPs, sign Business Associate Agreements that make them liable to fines as well.

In 2013, the agency’s Omnibus Rule enhanced privacy protections and strengthened the government’s ability to enforce the law.

Risk And Reward
Due to the increase in legislation, MSPs are inclined to back away from dealing with healthcare clients rather than address the operational and technology challenges presented by delivering HIPAA compliant services. While this may be a valid risk avoidance strategy, MSPs that take this approach are ignoring a significant revenue channel. The healthcare market is gigantic and it keeps growing, and MSPs that gear up, educate themselves, and recognize that HIPAA, HITECH, and the Omnibus Rule create new and lucrative business opportunities will outpace their competition.

Please log in or register below to read the full article.