www.copperpennyconsulting.com
hipaa@copperpennyconsulting.com

 

Project Name: HIPAA and OSHA Program Options for BADE attendees!

WHITE-GLOVE HIPAA AND OSHA PROGRAM

Project Objective	Evaluate existing documentation and IT/IS infrastructure to determine if any technology or documentation should be implemented to increase security Compliance of organization.
Scheduling/Timeline	Total time commitment is 12 months, with annual renewals. Initial Risk Analysis timeframe is dependent on availability and access to information. Initial Workforce Training should be scheduled no later than 60 days after initial engagement. Other documents will be provided as created.
Individual Tasks	1. On site/virtual visits to see physical operations, documentation, Information Systems, etc. 2. Review existing documentation including: Risk Analysis, Security Risk Assessment, HIPAA Policies & Procedures, Contingency Plans, Business Associate information, OSHA Policies & Procesures, current logs, etc. and update/replace accordingly. 3. HIPAA Workforce Team Training (2 hours - customized to your practice), OSHA Workforce Team Training (2 hours - customized to your practice), and Workplace Violence Prevention Training (30 minutes). 4. Time for questions throughout trainings. 5. Review public facing information, such as website, and update accordingly. 6. Create document to show how you comply with regulations for doctors to conduct Business Associate Due Diligence Review. 7. Due Diligence Review on your downstream vendors. 8. New employee workforce training.
Deliverables	1. Annual team workforce training. 2. New employee trainings as new employees are onboarded. 3. Annual Risk Analysis and OSHA Assessment. 4. Periodic addendums to Risk Analysis and OSHA binder as needed. 5. Unlimited Compliance Help Desk. 6. Updates to existing documentation or replacement if necessary. 7. Policies & Procedures 8. Contingency Plans. 9. Business Associate Agreement Template and tutorial on how to properly use. 10. Business Associate (downstream vendor) evaluations done with you. 11. HIPAA and OSHA Manual to have a central location for all documents. 12. DEA Compliance (if applicable): Set of DEA policies that outlines office compliance with these Federal Laws, including a Controlled Substance Compliance Checklist and other forms and policies. 13. Whitepaper/FAQ for your customers on your compliance in order for your customers to perform Business Associate Due Diligence on you. 14. Additional documents or deliverables may be added as needed and agreed upon.
Investment	$399 per month for 12 months - OR one annual payment of $4,788, with automatic annual renewals (a 50% discount!!!). This spreads out the investment for all 3 team trainings, compliance manuals, both assessments, and ongoing support for the contract term. Most work can be done remotely, however, if in person training or evaluation is needed, travel on site, parking, tolls, etc. would be billed separately. *This does not apply to local clients.

HIPAA AND OSHA LITE PROGRAM

Project Objective	Evaluate existing documentation and IT/IS infrastructure to determine if any technology or documentation should be implemented to increase security Compliance of organization.
Scheduling/Timeline	Total time commitment is 12 months, with annual renewals. Initial Risk Analysis timeframe is dependent on availability and access to information. Initial Workforce Training should be scheduled no later than 60 days after initial engagement. Other documents will be provided as created.
Individual Tasks	1. Virtual visits to see physical operations, documentation, Information Systems, etc. 2. Review existing documentation including: Risk Analysis, Security Risk Assessment, HIPAA Policies & Procedures, Contingency Plans, Business Associate information, OSHA Policies & Procesures, current logs, etc. and update/replace accordingly. 3. HIPAA Workforce Team Training (90 minutes - with time for questions), OSHA Workforce Team Training (90 minutes - with time for questions). 4. Review public facing information, such as website, and update accordingly. 5. New employee workforce training.
Deliverables	1. Annual team workforce training for HIPAA and OSHA.  2. New employee trainings as new employees are onboarded. 3. Annual Basic Risk Assessment and OSHA Assessment. 4. Periodic addendums to Risk Analysis and OSHA binder as needed. 5. Unlimited Compliance Help Desk. 6. Updates to existing documentation or replacement if necessary. 7. Business Associate Agreement Template and tutorial on how to properly use. 8. Branded HIPAA and OSHA Manual to have a central location for all documents including, but not limited to, Polocies & Procedures, Contingency Plans, Incident Response Plans, Consent Forms, and more.  9. Whitepaper/FAQ for your customers on your compliance in order for your customers to perform Business Associate Due Diligence on you. 10. Additional documents or deliverables may be added as needed and agreed upon.
Investment	$249 per month for 12 months - OR one annual payment of $2,988, with automatic annual renewals (a 50% discount!!!). This spreads out the investment for all team trainings, compliance manuals, both assessments, and ongoing support for the contract term Most work can be done remotely, however, if in person training or evaluation is needed, travel on site, parking, tolls, etc. would be billed separately. *This does not apply to local clients.

TRAINING ONLY

(no paperwork updates)

Project Objective	Train all employees on OSHA and HIPAA
Scheduling/Timeline	Training should be scheduled as soon as this document is signed, based on availability of office's schedule and our expert's availability.
Individual Tasks	1. HIPAA Workforce Team Training (1 hour) 2. OSHA & Infection Control Workforce Team Training (2 hours)
Deliverables	1. Annual team workforce training for HIPAA 2. Annual team workforce training for OSHA.
Investment	$1,999 for both live virtual trainings. (33% discount!)

Term: Initial term is 12 months with subsequent 12 month terms to automatically renew, unless either party provides written notice of non renewal to the other party at least thirty (30) days to the expiration of the then-current initial or renewal term, as applicable.

Client Obligations: Client’s use of the Services shall comply with all applicable federal, state, and local laws and regulations, Client agrees not to resell or redistribute (whether for a fee or otherwise) the Services, or any portion thereof, or make any use of the Services other than for Client’s internal business purposes. Client shall ensure that its End Users’ use of the Services, if any, shall comply with all applicable federal, state, and local laws and regulations and any applicable Terms of Use. “Terms of Use” means this Master Agreement, as may be modified from time to time by Copper Penny Consulting.

Classes: Copper Penny Consulting maintains the ability to provide Continuing Education Units nationally as well as in California for specific courses.  Names and license numbers will be verified to ensure active licenses.  Units will be issued in half hour increments, worth 0.5 units.  Names and license numbers will be provided to Copper Penny Consulting, and certificates will be issued within one week.

Classes start on time.  Attendees that are more than 10 minutes late may be required to reschedule or attend a make up class.  All team members, including Doctors and part time team members are required to attend the entirety of classes. 

Payments: For each proposal, Client agrees to pay Copper Penny Consulting all recurring and non-recurring charges, fees and taxes.  Automatic recurring payment transactions will occur via credit card on the 27th of each month.  A late fee of 10% may be assessed for any amounts which are not paid when due. 

Indemnification: Client agrees to defend, indemnify and hold harmless Copper Penny Consulting, its affiliates, its service providers and suppliers and their respective officers, directors, employees and agents, from and against all liabilities, losses, costs, damages and expenses, including reasonable attorneys’ and other professionals’ fees, arising out of any third party claim arising out of or relating to (a) the use of the Service, including but not limited to a breach of confidentiality, data, or individually identifiable health information; or (b) personal injury, death, property damage, or tort from any cause, including but not limited to claims by Client’s employees, agents, tenants or invitees, arising out of this Agreement; or to the extent of the negligence or willful misconduct of Client or its employees, agents, tenants or invitees.  Client agrees that the materials provided are “as is” and contain information provided by client on their safety and compliance programs within their practice(s), without warranties of any any kind, either express or implied.

Regulatory Environments:  Client understands that there are certain requirements for HIPAA Covered Entities, Federal OSHA requirements, and state government and healthcare specific board education requirements, and engaging Copper Penny Consulting for proactive programs does not automatically make Client “Compliant” with such regulation, but rather, the services offered in this Agreement help support the Client’s compliance and safety programs. 

Miscellaneous: This Agreement shall be governed and construed in accordance with the laws of the State of California exclusively and without reference to principles of conflict of laws.  Any action or claim to enforce this Agreement shall be help and resolved in the forum of the State of California.

On behalf of Copper Penny Consulting, LLC, I am looking forward to working with you toward making your business Compliant.

Please feel free to contact me directly at (707)203-0301 or email at hipaa@copperpennyconsulting.com

Warmly, 

 

Amy Wood
CEO, HIPAA, Cybersecuritty and Data Breach Consultant
Copper Penny Consulting, LLC

Deanna Otts-Whitfield, MSHQS, BSDH, RDH, CDIPC
OSHA & Infection Control Consultant
Copper Penny Consulting, LLC

We agree to the terms of this proposal.