Any healthcare company that touches medical records in any way has a responsibility to protect that data. It is up to them to not only train all of their employees on regulations governing how the records must be handled, but also to ensure the same for every company with whom they’re partnered. Just as no company discusses sensitive information without asking partners to sign non-disclosure agreements, healthcare companies should ensure that every single person they do business with is HIPAA certified.
RMI is proud to be the only digital agency in North America that offers this level of security and risk management to our healthcare clients. Every single RMI team member has completed HIPAA and PCI training. This gives us the unique opportunity to be able to offer services like our call center that has set tens of thousands of patient appointments for large healthcare providers.
At RMI, compliance is a core competency. Any healthcare company that engages with us can rest easy knowing that any team member they come into contact with — whether an account manager or behind the scenes expert that may never come into physical contact with the client company — is certified to have been fully trained on HIPAA regulations, protected health information and Federal Trade Commission marketing compliance.
HIPAA certification is only the tip of the iceberg of RMI’s commitment to compliance. Our employees are also fully trained on Stark Law, the federal Anti-Kickback Statute, Medicare-Medicaid Anti-Fraud and Abuse Amendments, Medicare and Medicaid Patient and Program Protection Act of 1987 and FTC rules governing medical claims.
“Most agencies don’t realize the liability they create for their clients by not understanding the major bodies of law beyond HIPAA. An affiliate media buy for patient leads can create a federal criminal liability” says Ken Robbins. “Between Stark, Medicare, FTC and HIPAA, we just had to build training and process to protect our large base of medical providers and device companies.”
HIPAA and PCI training is fully integrated into RMI’s operational guidelines. We have made it part of our onboarding process, so our healthcare clients can be assured that there will never be any gaps in this level of security. No future RMI team member will be permitted to touch a healthcare client until this training is complete.
Healthcare companies should consider HIPAA certification a necessity in any person involved in their businesses. HIPAA violations are actively investigated by the U.S Department of Health and Human Services and violators can be turned over to the Department of Justice. Even unknowingly violating HIPAA rules can come with fines of $1.5 million — but more importantly, violating HIPAA regulations immediately destroys the credibility of any company.
The risk is enormous, and it’s easy to avoid: Only work with partners that understand the gravity of HIPAA and are committed to complying with its guidelines.
That’s what we think, and it’s why we’ve got healthcare companies covered at RMI with a team of experts that are all expertly trained and certified in HIPAA compliance.