myecfirst hitrustlogo PCILogo
Health IT Services


Health IT Services
On-Demand thru Managed Compliance

The HIPAA Academy™ offers the healthcare industry’s most flexible range of Health Information Technology (IT) services. What’s more is that the services are all based on flat rate pricing, that get even more valued based on the duration of service provided. The Health IT service options available now are:

  • On-Demand Consulting
  • Managed Compliance Services Program (MCSP)

On-Demand Consulting

You Can Do It, We Can Help!
Starting with a commitment of 40-hours or more, you can secure IT professional resources with experience in the healthcare industry across a broad range of skill sets. So be with project management, security professionals, compliance professionals, system analysts, network engineers or more, talk to ecfirst about your requirements and how we can help with staffing or collaborating with you on your project initiatives under our management with your objectives.

We at ecfirst refer to this Health IT consulting model as – “you can do it, we can help!” ecfirst resources may be applied to work along with your personnel to help support, manage or implement IT solutions or capabilities. For example, ecfirst can support your activities with specialized resources such as:

  • Project managers with experience as required
  • Technical professionals with extensive technical, compliance or security expertise

The scope of work may be executed on-site, at your site, or offsite, as determined by your organization. Time-lines, reporting structure and frequency are mutually determined. A sampling of possible tasks and activities include:

  • Develop and manage a Project Plan for IT project initiatives, such as Meaningful Use, or an EHR technology or application implementation
  • Perform Project Management duties and provide technical implementation assistance
  • Develop and manage policies to address proactive auditing
  • Deploy systems, applications or technologies
  • License assessment (software, application license audit)
  • Develop a program, procedures, and logs to combine and filter audit logs, network activity review, and application security access reviews
  • Assist in developing Incident Management capabilities, policy, and technical procedures
  • Review solution options to encrypt sensitive information in e-mail or portable devices

Managed Compliance Services Program (MCSP)

We Get It Done!
The Managed Compliance Services Program (MCSP) is the industry’s most unique and flexible managed services program. With the MCSP you decide what combination of services you contract with ecfirst to manage, and you determine the duration – one year, two years, three years or five years. The duration of the contract determines the flat rate discount you secure for the length of the contract.

And, to top it, payments are monthly for the duration of the contract, with absolutely no interest, and nothing due upfront!

So you decide what service components are to be delivered by ecfirst in what timeframe. It’s amazingly, simple!

For example, are your internal resources stretched to capacity and you lack the necessary expertise to identify all compliance gaps and security vulnerabilities? Does your organization need to comply with regulations and standards such as the HITECH Act, State Regulations, HIPAA Privacy and HIPAA Security?

Regulations mandate organizations to maintain compliance with reasonable and appropriate safeguards in several specific areas. Compliance requirements drive critical activities that must be conducted on a regular schedule, typically annually. On a regular schedule, organizations must by law:

  • Assess compliance with the HIPAA, HITECH or State regulations
  • Assign responsibility to the security officer who is responsible for coordinating compliance and security initiatives
  • Conduct a comprehensive and thorough risk analysis including technical vulnerability assessment penetration testing)
  • Complete a Business Impact Analysis (BIA) for contingency planning and disaster recovery
  • Develop and update security policies and procedures
  • Train all members of the workforce
  • Audit the information infrastructure for compliance with the HIPAA Security Rule

Program Benefits

MCSP is designed to assist healthcare organizations and business associates manage compliance requirements, security and core components of the technology infrastructure. Key benefits of MCSP include:

  • Clearly defined deliverables to achieve compliance
  • Expert advisor assigned – serves as interim security advisor
  • Activities such as risk analysis, technical vulnerability assessment and business impact analysis conducted on a regular schedule
  • Policies maintained on a continual basis
  • Easily tailored to your organizational requirements
  • Very scalable program – can monitor and audit as required
  • Skilled resource pool with expert domain knowledge
    • Enables your staff to focus on your business and us on compliance
  • Fixed monthly fee
  • No interest

Further benefits of the MCSP include:

  • A team of experts keeps you up to date on regulations
  • We free up cycles to enable your staff to better focus on business-critical tasks
  • In Depth resource capabilities with trusted knowledge of legislation and client infrastructure.
  • Smooth out volatility in resource demands and costs associated with managing information technology
  • ecfirst helps to minimize productivity losses from unexpected downtime

This chart summarizes key areas addressed by the ecfirst MCSP.


 ecfirst’s Managed Compliance Services Program (MCSP)

The MCSP is designed to address your compliance, security and other technology implementation, support and management challenges. This program enables your organization to both lower costs and save time. The MCSP is a highly flexible and scalable service.

The MCSP provides a complete, end to end compliance service offering that can be tailored to meet your specific requirements.