eGestalt Rolls Out Low-Cost HIPAA/HITECH Compliance Tool for Small Medical Practices

Top Quote Meets demand in industry where data breaches cost $6 billion per year. End Quote
  • (1888PressRelease) January 16, 2011 - Santa Clara, CA -- eGestalt ( ), a provider of information technology governance, risk management and compliance (IT-GRC) solutions for small to mid-size organizations, today announced the U.S. availability of SecureGRC SB™, a patent-pending Cloud computing and Software-as-a-Service (Saas) application that helps to meet HIPAA and HITECH privacy and security rules at dramatically less cost and complexity than standard approaches.

    SecureGRC SB is first in the industry to offer an inexpensive and automated SaaS based solution to help small medical practices achieve and sustain HIPAA/HITECH compliance.

    "SecureGRC SB is a patent-pending, breakthrough solution designed with the small medical practice in mind," says Anupam Sahai, President, eGestalt. "Medical practices and their Business Associates can become HIPAA/HITECH compliant in a very cost-effective manner without requiring deep domain expertise. By leveraging our SaaS-based automated tool, which has won numerous awards, channel partners are able to deliver these packaged security and compliance services to small medical practices in a cost-effective manner thereby meeting a huge unmet demand as communicated to us by our channel partners and end-customers."

    Says Dr. Kellner of Mount Kisco, NY, a licensed psychologist and trained psychoanalyst ,"I have been practicing for over 10 years and never thought I had any reason to be HIPAA compliant. After all, I have a private practice, I'm not a hospital. But I attended a webinar by eGestalt on their product called SecureGRC SB. I quickly realized that I had several areas of exposure regarding my patients' information. So I tried the SecureGRC SB program, as it was only $500 and was easy to use."

    "I was really surprised by the number of areas that I was exposed," says Dr. Kellner. "Using the program I quickly identified and fixed the problems. I am now requiring all of my Business Associates to use this program to help protect my practice. I know I would never get audited, that was not my concern. I just wanted to make sure I was doing the right things to protect my patients' privacy and this was an inexpensive and low risk approach."

    The HIPAA/HITECH Act has resulted in significant changes to the industry's approach to data protection. To date, data breaches cost healthcare organizations an average of $1 million per year and the overall healthcare industry $6 billion per year. Lack of staff and preparation (policies and processes) are blamed for most data breaches. (Source: Ponemon Institute: Benchmark Study on Patient Privacy and Data Security, Nov. 2010).

    Enforcements are going up as mentioned here: ( ) and here: ( ).

    Comprehensive support for HIPAA & HITECH regulations offers peace of mind for small medical practices. Features include:

    * Comprehensive support for HIPAA & HITECH applicable to small businesses
    * Covers both Privacy and Security rules
    * A finished document that can be used to show compliancy to other organizations and auditors
    * Menu-driven assessment to understand and gain control over HIPAA/HITECH requirements
    * Library of free policies and example templates that can be customized to attach as evidence
    * Central repository for all HIPAA related documentation
    * Automatic updates on new or revised policies, procedures, or forms that reflect changes in the standards
    * Automatic updates to changes in regulatory requirements
    * Quarterly reminder assessments to help stay on track
    * Tracking and managing of Business Associates (BA's)
    * Simple plug-in for PCI-DSS compliance

    "As a firm we had a policy of preparing non-disclosure agreements for all our clients," says Steve Chait, CPA/ABV/CFF, President of Chait & Associates, a full service accounting firm in Hackensack, NJ. "We thought this would cover us for HIPAA compliance as well, however we realized that with the new changes in HITECH, we needed to have a specific Business Associate Agreement in place with all of our medical clients and to show them that we are in fact HIPAA/HITECH compliant as well."

    "We did some research online and found most programs to help get us complaint were in excess of $10,000 and we were considering this when we discovered SecureGRC SB," added Chait. "This was a $500 entry-point online service that was easy to use and provided us with an excellent tool to help us identify what we needed to do to become compliant. Once we completed their assessment, we received an easy-to-grasp report that we can use to demonstrate that we are now HIPAA and HITECH compliant."

    SecureGRC SB is available immediately through direct and indirect channels worldwide. For further details please call (408) 689-2586 or email sales ( @ ) egestalt dot com dot

    About eGestalt Technologies Inc.:
    eGestalt Technologies Inc. ( ) is a world-class, innovation driven, leading provider of cloud-computing based enterprise solutions for information security and IT-GRC management. eGestalt is headquartered in Santa Clara, California, and has offices in US, Asia-Pacific and Middle East. The Consulting and development team of eGestalt Technologies in India was founded in 2007 by former Intel and IBM executives. eGestalt was nominated Breakthrough Technology Vendor at XChange Americas, August, 2010, and selected by SiliconIndia among the "Top 10 Security Companies to Watch." Its SecureGRC application was voted runner-up in the Managed Services Category at Xchange Tech Innovators, Nov. 2010.

    All trademarks contained within this press release are the sole property of their respective owners and are hereby acknowledged.

    Press & Media Contact:
    Victor Cruz Inc
    Santa Clara, CA
    (401) 349-3369
    vcruz ( @ ) mediapr dot net

  • FB Icon Twitter Icon In-Icon
Contact Information