Item:
Title
Approval of Contract with Carolinas IT to Provide a HIPAA Privacy & Security Risk Assessment & GAP Analysis
Body
Date of BOCC Meeting: March 12, 2018
Request for Board Action:
Agenda Text
The Board is requested to approve a new contract with Carolinas IT in an amount not to exceed $52,160.00 for the annual HIPAA Privacy & Security Risk Assessment & GAP Analysis. The Health Insurance Portability and Accountability Act of 1996 (HIPAA), and the regulations promulgated thereunder by the United States Health and Human Services, establishes standards to protect the privacy and security of individually identifiable health information. The HIPAA Security Regulations require all covered entities to conduct an accurate and thorough assessment of potential risks and vulnerabilities to the confidentiality, integrity, and availability of the electronic protected health information it holds (45 C.F.R. 164.308(a)(1)(ii)(A).
The County Attorney's Office, Risk Management Division, has prepared a Request for Proposal (RFP #18-012) and Carolinas IT presented the most cost effective proposal. Carolinas IT was deemed the most qualified firm for the project based on the company having significant experience in working with governmental entities, including various NC Counties and health departments. The company is local which makes them more accessible to Durham County and eliminates the need to pay travel expenses. In addition, the company offers follow up assistance as well as assistance with Office of Civil Rights audits.
Alignment with Strategic Plan: Goal 5: Accountable, Efficient and Visionary Government.
Resource Persons: Lowell L. Siler, County Attorney; Ngat Awass, Interim Risk Manager; Kierra Simmons, Compliance and Privacy Officer; and Lyvon Garth, Chief Information Security Officer.
County Manager's Recommendation: The County Manager recommends that the Board approve the contract with Carolinas IT in an amount not to exceed $52,160.00 for the...
Click here for full text