Getting Started

Navigate to Guard.Compliancygroup.com and enter your e-mail address and password. Upon first login your password will be the word password in all lower case.
For AdministratorsYou may launch The Guard via the green button to the top-right of your main screen. Beneath the ‘Launch The Guard’ button are ‘System Messages’ and ‘Notifications and Alerts.’ This is important for news the System needs to deliver to you at-a-glance. You will also see ‘Assigned Tasks,’ ‘Important Documents’ and a field where you may ‘Report Incidents’ to your left.

For UsersYou will see ‘Assigned Tasks,’ ‘Important Documents’ and a field where you may ‘Report Incidents.’ For purposes of attesting to policies and procedures created by your Employer, please utilize the ‘Important Documents’ section and consult your Administrator with any further inquiries.

During your first meeting your Compliance Coach created the framework for your self-audits. After launching The Guard you would access these by hovering over ‘Auditing’ and selecting ‘Questionnaire.’ From there, select the audit you wish to continue work on by clicking it until it highlights black. With the audit highlighed black, click ‘View/Continue Selected Audit’ to continue answering the questions.
More often than not you have attempted to perform the work of someone aside from yourself by utilizing their login too many times and turned off Administrator access for your own login. You will need to have a unique User ID/password for each and every Employee because whenever this occurs you will be unable to launch The Guard. Should this occur, please contact us to remedy the matter for you.
Hover over ‘Accounts’ and select ‘Vendors’ from the dropdown. Enter in all Vendor information, placing a pre-fix of BA in front of any Business Associate, and click ‘Create New Partner’ to save them.
Any questions which you cannot answer confidentally or are wholly confused by should be marked as a ‘No.’
If you have a procedure in place but not the policy that would be a circumstance to answer ‘No.’ Also, if you have both the policy and procedure in place but they are over 2 years old you would want to mark the answer as a ‘No.’
Any questions which warranted an answer of ‘Yes’ on the self-audits would also require a brief explanation within the ‘Auditor Notes’ field found mid-screen.
Upon reaching the last page of questions on any given audit you will be presented with an option to finalize the audit, which sets it in stone. So long as you have answered all of the questions honestly and to the best of your knowledge feel free to finalize the audits. Utilize the ‘Previous Question’ button if you wish to review any of the answers inputted prior to finalizing.
If you look to the top-right of your screen, you will see your name while logged into The Guard. Directly next to where it says ‘You are Signed in as YOUR NAME’ will be the word logout with a line beneath it. Click the word logout to exit The Guard. 

 

Business Associate and Vendor Management

A Business Associate is any person or Organization you pay money to and their job entails working directly with your patients’ PHI. They will directly handle protected health information as part of the reason for why you hired them. Examples include a Clearinghouse, a Billing Service, Collection Agencies, Off-Site Storage Companies, IT Services, EHR Platforms, Consultants and Shredding Companies. For establishments such as these you will require a Business Associate Agreement be put into place. 

A ‘regular’ Vendor who is not a Business Associate is someone who you pay money to for a specific task but that task does not involve working with PHI. However, they may see or hear it indirectly. The best example is a member of a Janitorial crew. They are not part of your direct Staff and will require a Confidentiality Agreement (please note that each individual who enters your facility will need to sign this agreement, as opposed to the Company they work for).

For a Business Associate you will want to hover over ‘Accounts’ and select ‘Vendors’ in the drop down that shows. Be sure to place a pre-fix of BA in the ‘Vendor Name’ field, ahead of the Organization’s name. Upon populating all the information in the open fields click ‘Create New Partner’ to save this Business Associate within The Guard.

Any ‘regular’ Vendor who is not a Business Associate should be entered into The Guard as well. The only minor difference when entering these Vendors from a Business Associate is that for a regular Vendor you would not type BA as a pre-fix before populating their information and selecting ‘Create New Partner.’

In order to update Vendor information within The Guard you would first want to hover over ‘Accounts’ and select ‘Vendors’ from the drop down. Look toward the bottom of the screen where it says ‘Modify/View a Vendor’ and click the specific Vendor so their name shows highlighted black. With the Vendor highlighted black, click ‘View Selected Item’ to bring their information toward the top ‘Vendor Details’ field. Make the changes you wish and click ‘Update Partner’ to save the information.

Document, Employee and Training Management

As an Administrator of The Guard you will want each employee of your Organization to be at least a User of the system. Everyone will need to login eventually for the sake of attesting to the policies and procedures we will build along with you. In order to create new User you would first want to Launch The Guard, hover over ‘Administration’ and select ‘Users and Access Controls’ from the drop down. Beneath ‘Create a New User,’ enter in the employee’s full name, E-mail address and password (the word password in all lower case). Ignore the check boxes next to ‘Job’ and ‘Access Roles.’ Last, click ‘Save Information’ to create the unique User profile for that Individual.
First, ensure that the Individual has been at least set-up as a User. Only someone who is already an Administrator should be ‘promoting’ a User to Administrator status. To allow Administrative access to a present User of The Guard, you would first want to hover over ‘Administration’ and select ‘Users and Access Controls’ from the drop down. Click the name of the User below ‘Modify/View a User’ (toward the bottom of the screen). They will now show highlighted black and you will want to click ‘View Selected Item’ to the bottom-left in order to bring their information up-top. With their information showing up-top, click off each of the boxes next to ‘Access Roles’ and click ‘Update Information.’ This User has now been converted to an Administrator of The Guard. If this Individual is either the Privacy or Security Officer for the Facility be sure to label them as such next to ‘Job Role.’
Hover over ‘Tracking’ and select ‘Documents (Version Control).’ You are now in the Document Repository. When you click any given folder to the left it will turn green to indicate it is open. With the ‘HIPAA Manual Audits’ folder open, click Upload to the bottom-left and a yellow window will appear. ‘Local File’ will allow you to find where the file is saved on your computer. ‘Document Title’ should reflect the same as the document which is being uploaded. The ‘Enactment Date’ is the day the questionnaire was completed. The ‘Review Date’ would be one year after that date. Within ‘Description’ type the same thing as what you placed in the ‘Document Title’ field and click ‘Upload Document.’ Your questionnaires should now show beneath ‘Document Name,’ behind where the yellow window was previously.
First, hover over ‘Tracking’ and select ‘Documents Version Control’ from the drop down. To your left-hand side, select the folder labeled ‘Confidentiality Agreements’ by clicking it and ensuring it turns green. Now you will want to click ‘Upload’ to the bottom-left of your screen and a little yellow window pops up. Within the yellow window you will want to populate all fields and select ‘Upload Document’ to store it within The Guard.
First, hover over ‘Accounts’ and select ‘Vendors’ in the drop down that shows. From there, click the Business Associate who has returned their signed agreement from the ‘Modify/View a Vendor’ field found toward the bottom of the screen. They will show highlighted black and you can bring them up top by clicking ‘View Selected Item.’

With the Vendor information now showing up top, you will want to click on the tab found mid-screen that is labeled ‘Contracts.’ After selecting ‘Contracts,’ click ‘Upload New Document’ (it shows green in color) and a yellow window will show. From the ‘Local File’ field you’d click ‘Choose File’ to find where the Agreement is on your computer. The ‘Enactment Date’ is the day the agreement was signed off on. The ‘Review Date’ would be one year following. Within ‘Description’ you’d type a pre-fix of BA ahead of the name of the Organization and click ‘Upload Document.’ Last, be sure to click ‘Update Vendor’ to save this new information you have inserted into The Guard.

Auditing, Assessments and Remediation

Upon completing your Self-Audits deficiencies, also known as gaps, will automatically populate based on your answers. These gaps are where you are lacking policies and procedures within your Organization in order to be compliant.
Hover over the ‘Auditing’ tab and select ‘Remediation Plans’ from the drop down. There will be two tabs mid-screen labeled ‘Notes’ and ‘Gaps.’ Click ‘Gaps.’ Beneath ‘Unassigned/Open Gap Items,’ click and highlight the very first item and click Sel >. DON’T click ‘All >>.’ That’s cheating. We would need to do them one at-a-time, entering in who it is ‘Assigned To,’ their E-mail Address, the start date and end date as explained to you by your Compliance Coach. Finally, click ‘Save Remediation Plan’ for each and every Gap item before moving to the next. DON’T click ‘Mark Complete/Gaps Resolved’ just yet. You have now built the framework for the plan that will resolve your Organization’s deficiencies.
Upon completing your self-audits deficiencies, also known as gaps, will automatically populate based on your answers. In order to fix these gaps, or remediate them, we will create a plan with you to address where your organization has deviated from what the HIPAA rule requires. Remediation is the act of remedying the deficiencies found within your organization.

Incident Management

Anyone is permitted to report an incident. This is why it is easily accessible from the main screen. To the bottom-left is a field specifically marked ‘Report an Incident.’ You have the option to title the incident, label the type of incident it was via the ‘Incident Type’ tab, give a short description of the incident next to the ‘Incident Description’ field, and date the incident as well as when it was actually discovered. After inputting all of this information, click ‘Submit Incident’ to report it.
Depending on the severity of the incident various goals will require implementation. There is no stock answer to provide in this circumstance, so we welcome you to bring incidents to our attention as they happen. That way our Subject Matter Expert can talk you through the matter and bring you back toward being compliant through a remediation plan specifically tailored to your situation.

Illustrating Compliance

First, set-up 2 file folders on your computer’s desktop. Title one ‘Privacy’ and the other ‘Security.’ This is where you will download the 16 templates for Security policies and the 21 templates for Privacy policies to. You will do this so you may change their layout to reflect your Organization’s information.
Let’s use Security policies in order to provide an example – Hover over ‘Tracking’ and select ‘Documents (Version Control).’ Within the Document Repository you will find that The Guard defaults so that the Security policy folder is the one which is open. Click the first policy up-top so it turns black to indicate it is highlighted. To download it to your computer, select ‘View Selected File’ and move it from your download folder to your new Security file folder on your desktop.
Read the top section and delete it. If you would like an Attorney to review this section, please feel free. Input your Organization’s name where it says ‘Organization.’ The Issue Date and Effective Date should be the same and are to reflect the 1st of the following month from the one in which you are in. Within ‘Responsible for Review’ be sure to input the full name of the person who controls policies within your Organization. ‘Scheduled Review Date’ is 2 years in most states, aside from NY, CA, TX, MA, MI, and FL where it is one year.

Now, you will need to read each individual policy throughly. You may come across sections which you find confusing, want clarification on, or have concerns which you’d like addressed. For sections such as these please highlight them red so that they can be explained to you, or clarified further. 

Sign at the bottom along with your Job Title. Last, remove the directions beneath ‘Authorized By,’ since they are just instructions. Keep the files on your computer for the time being. Do not attempt to upload them back into The Guard just yet.

In order to generate reports in regards to staff training you would first want to hover over the tab labeled ‘Reporting’ and select ‘Employee Policy/Procedure Crosswalk’ from the drop down. You may filter the type of report you generate by changing the fields next to ‘Acknowledgment.’ Select ‘All Types,’ ‘Did NOT Understand the Document,’ ‘Did NOT Read the Document,’ or ‘Understood the Document’ and click ‘Generate Report’ to view a run down of what you requested from the system.
The title of Privacy/Security Officer does not exactly need to be your specific job role within your Organization. If it is, please mark this section accordingly. Otherwise, you would want to designate whomever is tasked with the compliance work as a Security or Privacy Officer because A) this is who an Auditor will want to speak with upon entering your facility and B) The Guard utilizes these ‘Job Roles’ in order to send out alerts for specific circumstances.
Upon completing your Implementation sessions you will receive your Seal of Compliance, broadcasting to the world that you have completed our rigorous process and achieved compliance.
You may review work done and various different actions performed by utilizing the ‘System Logs’ found within The Guard. To access ‘System Logs,’ first hover over ‘Administration’ and select ‘System Logs’ from the drop down.

Utilities and Miscellaneous

You are able to change your password directly from the Main Screen. In the very top-right, beneath your name, you will find the words ‘Change Password’ in green. Click ‘Change Password’ and you will be prompted to enter the present password. Then, you will enter your new, preferred password two times for confirmation and select ‘Update Information’ in order to save this new password.
While we don’t offer encryption services directly, we do have many partners in the field who we can refer you to. Just inquire and it will be our pleasure to place you in touch.
Everyone will ultimately move to the Advanced Implementation stages, but in order to accurately teach you how compliance works from the ground up the Basic Implementation stages are present to show you the ropes. Special circumstances sometimes do apply, so please refer to your Compliance Coach if you are at all confused about where in the process you and your organization stand.
We have an ‘Industry Glossary’ available to you which covers HIPAA Basics. Click HERE to access it. The Department of Health and Human Services is an excellent reference. Their web site is HHS.gov. There is also the Office of Civil Rights and the Centers for Medicare and Medicaid Services. Their websites are found at OCR.gov and CMS.gov, respectively.

Contact Us

Clients are always welcome to contact us with inquiries via our HIPAA Hotline, reached at 855-85-HIPAA. 
You may also reach us directly from The Guard by submitting a Support Ticket. To do this you would hover over the ‘Utilities’ tab and select ‘Support’ from the dropdown.
For Support, please feel free to E-mail Support@CompliancyGroup.com, Bob@CompliancyGroup.com, or Chuck@CompliancyGroup.com.

For Sales, please feel free to E-mail Vinnie@CompliancyGroup.com, Jim@CompliancyGroup.com, or Joseph@CompliancyGroup.com.

For Billing, please feel free to E-mail Ron@CompliancyGroup.com.

Whatever your concern is we will be happy to address it for you!

Please address any inquiries sent via US Mail to:

Compliancy Group

52 Broadway Unit 210

Greenlawn, NY 11740

+-Fax
Please feel free to fax us at 631 731 1643