ComplyAssistant and PHIflow Launch Collaborative Solution for HIPAA Business Associate Risk Management
ComplyAssistant and PHIflow have announced a collaborative partnership to provide healthcare covered entities (CEs) with a comprehensive solution for the management of their HIPAA business associates (BAs).
On the heels of the Office for Civil Rights’ conclusion of an all-time record year for HIPAA enforcement, BA risk management continues to be a top priority for CEs. The combination of ComplyAssistant’s premier Governance, Risk and Compliance (GRC) solution and PHIflow’s Business Associate Agreement (BAA) Analytics Platform uniquely cover all aspects of BA management. “We are thrilled to partner with PHIflow to streamline BA audits while automating the review and management of BAAs”, says Gerry Blass, CEO of ComplyAssistant.
To date, a large number of healthcare data breaches have been caused by BAs and BAAs often are missing or never executed. The ComplyAssistant and PHIflow combined solution make it easy for CEs to manage a potentially large number of BAs by reducing breach related risks and helping to ensure compliance. “This partnership is a perfect fit”, says Greg Waldstreicher, CEO, PHIflow. “It covers the legal, compliance and regulatory components of BAA management along with the due diligence aspect of BA risk monitoring.”
Founded in 2002, ComplyAssistant offers GRC (governance, risk and compliance) software and managed service solutions to healthcare organizations of all sizes. Designed to help clients organize and manage complex security and compliance processes, ComplyAssistant’s solutions work for a variety of security frameworks and compliance regulations.
PHIflow is a data and technology company combining artificial intelligence (AI) and healthcare regulatory expertise to accelerate contract review processes for healthcare organizations. Named to The National Law Journal’s List of Emerging Legal Technologies in 2020, PHIflow’s contract analytics platform brings an AI-driven approach to the review and categorization of critical, often time sensitive contract information driven by legal, compliance, privacy and information security initiatives.