Five steps to achieving Health Insurance Portability and Accountability Act (HIPAA) compliance
Anita Jones
MHA 690 Health Care Capstone
Instructor: Sherry Grover
May 27, 2013
I. Complete a Risk Assessment
• Prepares an organization with a precise design regarding HIPAA compliance
• Exposes strides to strategize toward compliance
• Must comprise all mechanisms that generate, store, maintain, or transmit ePHI
• Fine-tuning the password policy, repositioning, covering, or utilizing a privacy screen for the monitor
• Devices not network-connected are not exempt from HIPAA privacy/security regulations or the risk of compromise
II. Collaborate with Stakeholders
• Necessary among decision-makers for rewarding and continuing changes to privacy/security regulations
• Protects against insufficient or unlikely standards
• Every department furnishes beneficial input to selecting the proper mechanism and exposing all possible shared risks
• Accountability factor – discourages blaming within departments
III. Craft Policies that Reflect What You Want to Accomplish
• Standards linked to HIPAA regulations must be system-wide and satisfactorily encompassing
• Policy development and application must be a shared force throughout numerous hospital departments
• Compose a comprehensive, hospital-wide procedure including allowances for added degrees of protection
III. Craft Policies that Reflect What You Want to Accomplish (continued)
• Required specifications - needing proper evaluation, protections, and obligatory applications per HIPAA Security Rule
• Addressable specifications - must be assessed for implementation and may not be needed for risk reduction i.e., encryption (is broken with a password)
• Do not administer unfeasibly demanding self-regulation when privacy policies are sufficient at a lesser level
• Worse than having no policy is an unenforced policy
IV. Review Purchases of IT and Medical Equipment from a Risk-management Perspective
• Request an adequate number of decision-makers with the aim of emotion being forced out by logic
• Consider financial matters when making capital-purchasing decisions i.e., buying price and total expense of ownership
• Consider security standards - is it built into the merchandise? How to connect it to the network?
• Updated software is central to safeguarding privacy/security
V. Develop a Culture of Accountability
• Accountability beckons in return to collaboration
• Inspire departments to foster the practice of conveying difficulties
• Diligent efforts to achieve/maintain HIPAA compliance initially will prevent catastrophic fines later
• Advance planning with collaboration reduces errors
• The occurrence of a breach is a learning opportunity for future improvement
References
Reber, E. (2011). Five steps to achieving HIPAA compliance. Biomedical Instrumentation & Technology, 45(5), 360-3. Retrieved from http://search.proquest.com/docview/903774854?accountid=32521
www.interestingspree.com
www.care2.com
www.fanpop.com
www.funventure.blogspot.com
www.nigpost.com
www.popartuk.com
www.wallcycles.com
www.wallsave.com

Editor's Notes

  1. Photo by: www.wallcycles.com
  2. Photos by www.care2.com
  3. Photo by: www.popartuk.com
  4. Photo by: www.funventure.blogspot.com
  5. Photo by: www.nigpost.com
  6. Photo by: wallsave.com
  7. Photo by: interestingspree.com
  8. Photo by: www.fanpop.com