Power Wellness Management, LLC (Power Wellness) announced that the company has recently completed the first phase of their Health Information Portability and Accountability Act (HIPAA) Compliance strategy (or program) and its prescriptive fitness programs. In December 2016, Power Wellness adopted the strategic goal to become one of the first health, fitness and wellness management organizations that is HIPAA compliant and deliver wellness program services that meet the HIPAA Privacy & Security Rule requirements. This milestone ensures the security and encryption of protected health information shared on behalf of its health provider partners.

To ensure success on their HIPAA compliance journey, Power Wellness engaged Plante Moran, one of the largest national CPA firms, to provide consulting services regarding their HIPAA, Healthcare and Information Security needs. Through the effective delivery and execution of strong project management and teamwork with Plante Moran, Power Wellness completed and rolled out its HIPAA compliance program within 16 months, an aggressive and impressive accomplishment impacting over 2,700 employees at over 37 managed centers. Power Wellness developed a balanced and risk-managed HIPAA compliance program, which is strategic in focus and paired with a compliance maturity and continuous improvement roadmap.

It includes but not limited to the following:

  • Business Associate Program which includes compliance due diligence for both upstream and downstream business partners (covered entities and business associates)
  • Formalized IT Security Policy and Procedures
  • Formal web-based HIPAA Compliance Training program
  • Secure segmentation of physician referral data and protected health information (PHI)
  • Regular independent audits and validation of control effectiveness of the PHI environment which included network security assessment and penetration testing
  • A continuous improvement program to enhance HIPAA compliance and controls maturity

As part of the compliance maturity roadmap, Power Wellness is currently undergoing a certification process to achieve SOC 2 certification, a widely accepted AICPA certification of industry security standards and internal controls for its health and wellness program services. Plante Moran will also perform the SOC 2 plus HIPAA certification, anticipating a Type 2 attestation report by the end of the third quarter in 2019.

Power Wellness Management, LLC – Power Wellness is the nation’s largest management company in the medical fitness industry. Founded in 1996, Power Wellness has managed over 50 fitness centers for healthcare systems, colleges, universities, community foundations and senior living communities. Today, Power Wellness serves over 120,000 customers, managing 5 million visits annually by over 2,700 team members nationwide.