logo sno large trans.png

Website     Contact

Simplified Nutrition Online and HIPAA Risk Assessment

When it comes to protecting sensitive information, Simplified Nutrition Online (SNO) is committed to helping your facility maintain and integrate privacy and security controls for your long-term care facility, hospital, educational institution, or correctional institution. SNO has prepared an overview of what HIPPA is, who is protected, and how SNO assists you towards implementing HIPAA compliancy during state and federal inspections.


What is HIPPA and Who is Protected?

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a federally-mandated law of national standards that protects sensitive patient health information from being disclosed without the patient’s permission or knowledge. The US Department of Health and Human Services (HHS) created the HIPPA Privacy Rule to implement the requirements of HIPAA and the HIPAA Security Rule to protect a subgroup of information covered by the Privacy Rule.[i]The Privacy Rule identifies the use and disclosure of individuals’ health information, or their “protected health information,” by covered entities that are subject to the Privacy Rule. Healthcare providers are considered a covered entity and are subject to the Privacy Rule. 

The Privacy Rule contains standards for individuals’ rights to know how their health information is being used and to be able to control how it is being used. A primary goal of the Privacy Rule is to safeguard individuals’ health information and to see that it is appropriately protected while allowing the flow of health information to provide high quality healthcare. The Privacy Rule wishes to protect the public’s welfare and seeks to create balance which permits accessing important information while protecting the privacy of people who seek healthcare.  Thus SNO also is a healthcare provider that conveys health information in certain transactions, as we link and communicate your patient/resident healthcare data.


HIPAA Security Rule

The HIPAA privacy rule aims to guard protected health information (PHI), while the Security Rule protects a subsection of information covered by the Privacy Rule. This subsection is all individually distinguishable health information a covered entity “produces, receives, maintains, or sends in electronic form.” This information is called “electronic protected health information” (e-PHI). The Security Rule does not apply to PHI communicated orally or in writing.

To comply with the HIPAA Security Rule, all covered entities must do the following:

  • Certify the confidentiality, integrity, and availability of all electronic protected health information,
  • Detect and safeguard against anticipated threats to the security of the information,
  • Protect against impermissible uses or disclosures of information, and
  • Certify compliance by their workforce.

Your healthcare practice should depend on the best judgment and professional ethics when considering requests for permission to use and disclose PHI. The HHS Office for Civil Rights enforces HIPAA rules, and all complaints should be reported to that office. HIPAA violations may result in civil monetary or criminal penalties. For more information, visit the Department of Health and Human Services HIPAA website at https://www.hhs.gov/hipaa/index.html[1]


Resident Specific Reports

Caring for a resident population includes the management and tracking of hundreds of resident specific details. Data management and reporting are what SNO does best. With SNO you can easily monitor and identify significant weight changes occurring within one week or up to one year. SNO has a report for every resident list you require including Residents on Tube Feeding, Fortified Foods, Thickened Liquids, and Fluid Restrictions. SNO can print resident specific menus that are updated for the residents’ specific allergies, dislikes, special requests, portion size changes, Drug-Nutrient Interactions, and also print a comprehensive nutrient analysis of this menu.

Should a catastrophic event occur within our customers’ system(s,) their system, proprietary institution information and patient data are protected through SNO’s cloud architecture. SNO’s multifaceted security design provides a strong barrier to outside infiltration and malicious intrusion, data hacking and cybercrime and all access is limited to encrypted channels through a Virtual Private Network (VPN.)

Site-specific data is kept at SNO’s Secure Data Centers and not at individual customer sites, which oftentimes cannot provide the same level of physical protection as our data centers. However, individual sites have the ability to save copies of daily production reports, including patient information, traycards, etc., in Portable Document Format (PDF) formats on site. We train customers to implement this layer of repetition for their additional security and protection. Finally, SNO’s employees and contractors only discuss a patient’s PHI with the customer’s facility for the purpose of troubleshooting problems and all test data used by SNO is erased to eliminate any identifiable patient information.


Training and Support Guarantee

By offering 24/7 technology and clinical support, we are readily available to our customers. Further, SNO’s customer support may work with customers’ in-house training compliance and mitigation/legal departments upon request. Follow-up on regulatory topics and rule updates and their implications for the users is given to all users periodically via SNO Compliance Announcements via email.  

Finally, should our customers require Interoperability Compliance Consultation, it is offered through Simplified Software Development, the Parent Organization of SNO. 

By pre-identifying all of the possible risks, and through SNO’s completely engineered privacy and security controls, we aim to see your facility achieve HIPAA compliancy. Call us to learn more about how we can help you with HIPAA compliance!


SNO wishes to see your facilities succeed

in every area of your facility’s compliance!

Contact Dr. Coreyann Poly today at 888-773-5521 x 1016

or email her at [email protected] for more information.

Facebook  Twitter  Instagram  LinkedIn

Terms and conditions • Privacy policy

© 2021 Simplified Software Development All rights reserved.