Five steps to achieving HIPAA compliance
1. Five steps to achieving Health Insurance Portability and Accountability Act
(HIPAA) compliance
Anita Jones
MHA 690 Health Care Capstone
Instructor: Sherry Grover
May 27, 2013
2. I. Complete a Risk Assessment
Gives an organization a precise plan for HIPAA compliance
Reveals the steps to plan toward compliance
Must cover all mechanisms that generate, store, maintain, or transmit
ePHI
Fine-tuning the password policy; repositioning, covering, or using a privacy
screen for the monitor
Devices not network-connected are not exempt from HIPAA privacy / security
regulations or the risk of compromise
3. II. Collaborate with Stakeholders
Necessary among decision-makers for rewarding and
continuing changes to privacy/security regulations
Protects against insufficient or unlikely standards
Every department provides useful input for selecting the
proper mechanism and exposing all possible shared risks
Accountability factor – discourages blaming within
departments
4. III. Craft Policies that Reflect What you Want to Accomplish
Standards linked to HIPAA regulations must be system-wide and
satisfactorily encompassing
Policy development and application must be a shared force
throughout numerous hospital departments
Compose a comprehensive, hospital-wide procedure including
allowances for added degrees of protection
5. III. Craft Policies that Reflect What you Want to Accomplish
Required specifications - need proper evaluation, protections, and
obligatory application per the HIPAA Security Rule
Addressable specifications - must be assessed for implementation and may
not be needed for risk reduction, i.e., encryption (is broken with a password)
Do not impose unfeasibly demanding self-regulation when privacy
policies are sufficient at a lesser level
Worse than having no policy is an unenforced policy
6. IV. Review Purchases of IT and Medical Equipment from a Risk-management
Perspective
Request an adequate number of decision-makers, with the aim of logic
forcing out emotion
Consider financial matters when making capital-purchasing decisions, i.e.,
purchase price and total cost of ownership
Consider security standards: is security built into the product? How will it
connect to the network?
Updated software is central to safeguarding privacy/security
7. V. Develop a Culture of Accountability
Accountability ties back to collaboration
Encourage departments to foster the practice of reporting difficulties
Diligent efforts up front to achieve/maintain HIPAA compliance will
prevent catastrophic fines later
Advance planning with collaboration reduces errors
The occurrence of a breach is a learning opportunity for future
improvement
8. References
Reber, E. (2011). Five steps to achieving HIPAA compliance. Biomedical Instrumentation &
Technology, 45(5), 360-3. Retrieved from
http://search.proquest.com/docview/903774854?accountid=32521