Web-based breach tool for healthcare IT

Healthcare has become one of the most-breached industries, placing hospitals, clinics and health plans under scrutiny of the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) and State Attorneys General (AG).

To help healthcare organizations navigate the maze of inconsistent federal and 46 states’ different patient privacy laws, ID Experts announced RADAR 2.0 today – a web-based software tool – to help standardize, centralize and simplify the assessment, documentation and reporting process of privacy or security incidents involving personally identifiable information (PII) and protected health information (PHI).

A key component of ID Experts data breach preparedness and response services, endorsed by the American Hospital Association (AHA), RADAR 2.0 helps healthcare covered entities achieve compliance with federal and states’ privacy and breach notification regulations and provides guidance for notification obligations.

With its information repository, users can organize and easily retrieve incident details and all corresponding documentation in the event of an OCR audit or investigation.

Features and benefits of RADAR 2.0:

• Meets federal and state risk assessment and reporting requirements for privacy, security and data breach incidents; provides incident response plan including a HHS report when notification is expected
• Intuitive risk assessment and documentation process with embedded knowledge of federal and states breach notification rules, making reporting consistent and streamlined
• Common repository for all privacy and security incidents and incident-related attachments such as notes, reports, remediation plans and checklists that can be easily retrieved for OCR, state, and internal investigations
• Proprietary risk assessment with flexibility to handle each incident uniquely based on incident context, internal policies, and privacy office and counsel input
• Secure and scalable with role-based access controls to meet the needs of stand-alone and large integrated healthcare systems and health plans; ability for multiple users to collaborate.