How do organizations become HIPAA compliant and remain in compliance?

Epsilon’s core services outlined below ensure your patients’ health information is protected:

Protected Hybrid Cloud-Based Business Continuity
• Anywhere, anytime access
• Data connectivity even without an internet connection
• Advanced compliant security services provide your secure gateway to the cloud
• Backup / Disaster Recovery (B/DR) and Continuity of Operations (CoOP)
Managed IT Security Services>
• Proactive monitoring
• 24x7x365 end user live support
• Mobile device management (MDM)
• Asset tracking and auditing
• Consultation & advisory services
Compliance-Based Risk Assessments>
• HIPAA and PCI specific scans for proper regulatory reporting
• Identification of all personally identifiable information (PII)
• Identification of system vulnerabilities
• Prioritization of remediation needs

Contact Us for a Risk Assessment



"Long before we opened our doors, our board of directors followed the advice of trusted friends and contracted with Epsilon to help with our IT needs. We've been beyond pleased with their 24/7 support. Epsilon staff are extremely knowledgeable and infinitely patient with "IT ingenues" like us. They've been indispensable when it comes to navigating the complex HIPAA security requirements mandated of all healthcare providers."  

- Judy Major, MPH, Founder WNC Birth Center

Understanding HIPAA

The Health Insurance Portability and Accountability Act (HIPAA) of 1996 enacted several rules ranging from health insurance coverage to life insurance policies.  Title II of HIPAA eventually led to the creation of the HIPAA Privacy Rule. The Privacy Rule established a set of national standards for the protection of key health information. This rule applies to all healthcare providers, even those that use paper health records.

Other Key HIPAA Rules:

  • The HIPAA Security Rule was enacted to implement protections for electronic protected health information (ePHI) for covered entities, business associates, and certain subcontractors.
  • The HIPAA Breach Notification Rule requires covered entities, business associates, and certain subcontractors to notify individuals and the Health and Human Services (HHS) following a breach of protected health information (PHI).
  • The Health Information Technology for Economic and Clinical Health (HITECH) Act increases security requirements to business associates and increases penalties for violations.


Do HIPAA Rules Apply to My Organization?

HIPAA Rules apply to the following:

Covered Entities: Any health care provider who transmits health information in electronic form.  

  • Doctors
  • Psychologists
  • Chiropractors
  • Pharmacies
  • HMOs and Company Health Plans
  • Clinics
  • Dentists
  • Nursing Homes
  • Health Insurance Companies
  • Healthcare Clearinghouse

Business Associates: A business that performs activities on behalf of or provides services to a covered entity involving the use of protected health information (PHI).

  • CPAs
  • IT Providers
  • Labratories
  • Attorneys
  • Transcribers
  • Consultants

Error Message