Applying Thought   
About Wipro
Newsroom
Investors
Careers
  
   
Wipro Technologies Consulting IT Services Product Design Business Process Outsourcing CONTACT US
 
Case Studies
Ideas
 
Search
Health and LifeScience Home
Regulatory Services
Regulatory Services Consulting
Regulatory Services Solutions
Global Managed Compliance Services Program
 
 
Global Sourcing Lounge
 
 
 
HEALTHCARE AND LIFE-SCIENCES
Global Managed Compliance Services Program

Wipro‘s Global Managed Compliance Services Program is designed to address critical regulatory requirements. Allowing customers to outsource their regulatory activities will lower their costs and save them time. The Global Managed Compliance Center is a highly flexible and scalable service that is based on Wipro’s well-acclaimed Global Command Center Platform, and is designed to assist US hospitals address the compliance challenge in the following areas:

  • HIPAA Privacy review
  • Security Responsibility
  • Risk Analysis
  • Contingency Planning
  • Policies and Procedures
  • Security Awareness and Training
  • Audit and Evaluation
Wipro Healthcare Global Compliance Center

HIPAA Managed Compliance Services:
Wipro Technologies has partnered with HIPAA Academy, a leading brand in HIPAA Compliance Services, Training and Certification services for Healthcare industry, enabling us to provide you a robust, comprehensive framework for managed HIPAA services.

HIPAA Managed Compliance Services - Service Offerings:

HIPAA Regulation HIPAA Requirement Service Offerings
HIPAA Privacy Rule 45 CFR Parts 160, 162, and 164 The Department of Health and Human Services (HHS) has issued the regulation, “Standards for Privacy of Individually Identifiable Health Information,” applicable to entities covered by HIPAA. The Office for Civil Rights (OCR) is the Departmental component responsible for implementing and enforcing the privacy regulation.
  • Review access controls for PHI access
  • Review privacy policies and procedures
  • Review processes for access to PHI
  • Perform Segregation of Duty Review of current accesses across systems
  • Recommend solutions to address privacy gaps
Assigned Security Responsibility 164.308(a)(2) ) Covered entities must identify the security official who is responsible for the development and implementation of the Security Rule’s required policies and procedures.
  • Additional capability as an Interim Security officer to oversee risk and compliance
  • Inclusion of security responsibility as part of the job roles and responsibilities
  • Inclusion of security requirements in third party contracts / agreements
Risk Analysis 164.308(a)(1) Conduct an accurate and thorough assessment of the potential risks to and vulnerabilities of the confidentiality, integrity and availability of the entity’s electronic protected health information (EPHI).
  • Assess IT processes
  • Classify data/assets (CIA)
  • Assess threat likelihood on assets/services
  • Impact Analysis on information assets
  • Evaluate the adequacy in current levels of controls and safeguards
  • Risk mapping and classification
  • Analyze controls gaps
  • Identify remediation priorities
  • Prepare standardized reports
Contingency Plan 164.308(a)(7) Covered entities must establish policies and procedures for responding to an emergency.
  • Assess Business Processes
  • Conduct Business Impact Analysis (BIA)
  • Analyze existing recovery plan and contingency measures
  • Develop recovery strategies
  • Develop contingency plan documents
Policies, Procedures and Documentation 164.316 Covered entities must implement reasonable and appropriate policies and procedures to comply with standards and implementation specifications of the HIPAA Security Rule.
  • Review policy and procedure implementation plan
  • Review of the existing information security policies and map to HIPAA security requirements
  • Develop additional policies to address policy gaps
  • Help process owner in implementing the procedures to comply with HIPAA Security requirements
  • Develop a document standard for policies and procedures
Policies, Procedures and Documentation 164.316 Covered entities must implement reasonable and appropriate policies and procedures to comply with standards and implementation specifications of the HIPAA security rule.
  • Policy, procedure implementation plan
  • Help process owner in implementing the procedures to comply with HIPAA security requirements
  • Develop a document standard for policy, procedure, standards and baselines
Security Awareness and Training 164.308(a)(5) Covered entities must implement a security awareness and training program for all members of the workforce.
  • Periodic training and awareness programs on security policies for employees and contractors
  • Identify role based training for operations and support staff to address compliance requirements
  • Develop training content to address HIPAA Security requirements
Evaluation 164.308(a)(8) Covered entities must perform periodic evaluations to determine the extent to which the security policies and procedures meet the Rule’s requirements.
  • Periodic review of information security policies and procedures
  • Review changes to regulatory requirements and make necessary changes to policies
  • Update standards, baselines, procedures to comply with policies
  • Develop dashboard reporting to clearly establish state of HIPAA compliance
  • Assess remediation actions recommended in risk analysis and actual actions taken by the organization to mitigate risk

Our Service offerings are aligned in accordance to HIPAA and other regulations so as to ensure complete compliance for Hospitals.

Value Added Services:

  • Advisories on Security vulnerabilities and fixes
    • Security Alerts and mailers
    • Regular advisories on Security vulnerabilities
  • Security Monitoring and Management Services
    • Centralized Security Monitoring & Event Correlation
    • Perimeter Security monitoring
  • Patch / Release Management
    • Centralized management for patch deployment activity
    • Automated process for patch deployment
    • Patch testing
    • Patch Status reporting
  • Security Incident Management
    • Develop incident management framework
    • Incident detection and classification
    • Diagnosis and investigation
    • Incident Reporting
  • Log monitoring and event correlation
    • Log analysis and event correlation
    • Trend analysis, pattern recognition
    • Storage and retention
  • HIPAA Compliance Dashboards, trends and statistics
    • Compliance reports and dashboard
    • Statistical analysis

Wipro’s Global Compliance Center
Wipro has pioneered the concept of Global Command Centers (GCCs) – We provide world class infrastructure services through our Global Infrastructure command center and security services through the Global Security Operations Center.

Our Managed Global Compliance Center is designed to assist healthcare providers in the U.S. manage Security, Privacy and the Infrastructure to enable compliance to HIPAA regulations.

The Global Managed Compliance Center further adds a competitive edge with focus on regulatory compliance through our partnership with the HIPAA Academy and leverage the Infrastructure and Security centers to provide an end to end compliance service spectrum.

Benefits of Managed Regulatory Compliance Services:

  • Skilled resource pool with deep regulatory and domain knowledge to handle your data ensuring compliance with security and privacy requirements
  • Our unique managed services framework ensure your budget allocation stays in line with your business goals and help you stay ahead in competitive environment
  • Our focused approach towards providing 24/7 service using our “Global Compliance Center” assures closure of any security issues in a timely manner 
  • We can provide you the industry-wide recognized HIPAA training to ensure you employees are aware of the regulations

Wipro – HIPAA Academy Partnership

Wipro Technologies, the Global IT Services Business of Wipro Ltd (NYSE:WIT) and ecfirst.com, home of the HIPAA Academy have established the Global Managed Compliance Center to provider a 360 degree platform for a complete start-to-finish HIPAA Compliance.

Wipro Technologies (Ticker Symbol:WIT) is a leading provider of integrated business, technology, IT infrastructure and process solutions on a global delivery platform.. Wipro is the World's first CMMi Level 5 certified software services company. The HIPAA Academy, a division of ecfirst.com, was recognized by Inc. 500 in 2004 as America’s 500 fastest growing privately held business. In the area of HIPAA compliance, the HIPAA Academy has earned the trust of over 130 hospitals in the USA.

About ecfirst.com

ecfirst.com, an Inc. 500 business, is a leader with rich hands-on experience delivering world-class security regulatory compliance solutions. The ecfirst.com Regulatory Compliance Practice delivers deep expertise with its full suite of services that include contingency planning/Business Impact Analysis (BIA), vulnerability assessment, as well as managed security and IT infrastructure solutions. ecfirst.com is exclusively endorsed by the American Hospital Association (AHA) for its training and certification solutions.

About HIPAA Academy

HIPAA Academy delivers compliance solutions across the United States every day. Our deep knowledge of the HIPAA and Sarbanes-Oxley regulations is substantiated with hands-on experience implementing technical solutions in the healthcare industry. The HIPAA Academy introduced the industry's first, and today's leading, credentials for HIPAA skills certification: Certified HIPAA Professional (CHP) and Certified HIPAA Security Specialist™ (CHSS™). For more information, please visit http://www.HIPAAacademy.net
 
 
  Send us an email
Request proposal for services
Subscribe to our monthly newsletter
  CASE STUDIES
Electronic Research Information and Compliance Solution
21 CFR Part 11 Gap Analysis for its IT Processes and IT Infrastructure
  More case studies
  IDEAS
HIPAA and clinical research
  More ideas

 
Contact us Terms of use Privacy Sitemap