Covered entities must make sure that they have Administrative, Physical and Technical safeguards in place when securing ePHI data. WHOA.com’s HIPAA compliance practice will guide customers through each of these safeguards as the Code of Federal Regulations (CFR) references them. Business Associate Agreement (BAA) offered with all HIPAA hosting solutions.
| Package Description | Bronze | Silver | Gold | Platinum | |
|---|---|---|---|---|---|
 | Cloud Managed Firewall with 7 Layers of Security |  | | | |
 | Patching for Hosted Servers (OS Patches Only) | | | | |
 | Data Breach Financial Protection Policy Specific limits per merchant up to a maximum of $100,000 per MID and $500,000 per merchant with multiple MID’s | | | | |
 | Internal Managed Antivirus & Antimalware | | | | |
 | Signed Business Associate Agreement (BAA) | | | | |
 | Access to Firewall Configuration for Audit Purposes | - | | | |
 | Compliance Portal for HIPAA Security Risk Self Assessment | - | | | |
 | Professional Services – 4 Hours Annually | - | | | |
 | HIPAA Security Policy Template | - | | | |
 | Network Diagram with Data Flows | - | - | | |
 | Required Online Annual HIPAA Security Training Course for Staff | - | - | | |
 | Patching for 3rd Party Applications (Java, Adobe) | - | - | | |
 | Scanning for Sensitive Healthcare Data | Annual | Quarterly | Monthly | Weekly |
 | Penetration Test Discount | - | 5% | 8% | 10% |