Related Costs

1.     Assessment to produce the report equivalent to the US HIPAA Risk Analysis.  Every Covered Entity (CE), Business Associate (BA), and Sub-Contractor (SC) is required to conduct this assessment to meet compliance to US HIPAA Laws.  Today, if a CE, BA or SC hasn’t conducted an assessment yet, the entity is considered non-compliant and has put the electronic protected healthcare information (e-PHI) it manages, creates, stores and transmits at RISK. 

The current cost of this assessment for a Health Information Management Business Process Outsourcing (HIMBPO) company in the Philippines starts at Php86,000.00 per 30 systems assessed (systems is considered any device used by the entity that needs an IP address for network connectivity).

2.     Periodic Evaluations & Security Audits:  Required to show that the HIMBPO company is meeting US HIPAA Laws and Standards. 

The current cost for a HIMBPO company in the Philippines for this requirement under this program starts at Php25,000.00 per 30 systems assessed (systems is considered any device used by the entity that needs an IP address for network connectivity).

3.     This program leads to the exposure of a HIMBPO company aspiring to gain more  clients in the United States.  This program is an innovative approach for HIMBPO companies to have the opportunity to implement data security and compliance, and at the same time, gain exposure at a low upfront cost.  The program is designed to satisfy our statement,“We grow, only when you grow!”

The current cost for the HIMBPO company in the Philippines for the exposure to gain business activity in the United States is 6.7% of the gross revenue from the gained business activity.  This is stipulated in the Letter of Intent (LOI) under this program. 

Due to this phenomenon of HIMBPO companies increasing in number due to the HIMBPO business proven to be lucrative and in-demand, many startup HIMBPO companies will need consulting in data security and compliance to prevent double labor scenarios or unnecessary expenses when it comes to developing and establishing the new entity.  This is best addressed by assigning a HIPAA Security Officer to the developing team.  DUMATEK-PI can offer a Security Officer position at a cost based on the nature of the job, the travel involved and the time frame of the project.  The starting cost for this type of service is Php78,000.00/month but goes up again depending on the scope of the job.  The Security Officer becomes part of the development team and will need to be aware of the development plans, as well as the type of services the new HIMBPO operations will be engaging in.

This applies to the following dynamic scenarios:

-          Developing a new entity as a HIMBPO from scratch (no building and staff)

-          BPO wanting a section of their company to  engage in HIMBPO operations

-          BPO wanting a section of their Physical office to engage in HIMBPO operations

-          Interfacing with an existing HIMBPO and taking over their operations

-          Interfacing with an existing HIMBPO and joining their operations

NOTE: A Risk Analysis will still be required as it is mandatory for compliance, but the end result from having a Security Officer as part of the development team should be a startup with very low risks and vulnerabilities to e-PHI, with data security and compliance ready and implemented, and the HIMBPO operations having immediate ability as well as ease to engage US healthcare prospective clients.