5 Key Steps of HIPAA Compliance

In a recent interview with Becker's Hospital Review, our CCO Bob Grant highlighted what is necessary for healthcare providers to achieve, illustrate and maintain HIPAA compliance in 5 easy to understand steps.

1. Perform a "true" risk analysis. To understand system vulnerabilities, healthcare providers have to do an internal risk analysis or hire an outside auditor to perform a risk analysis for them. To perform a "true" risk analysis, the provider has to be able to say "no, we don't comply with a certain part of the regulation," says Mr. Grant. Although many healthcare providers are hesitant to admit they are not HIPAA compliant, honestly answering risk analysis questions is necessary to ascertain what a system's weaknesses are, adds Mr. Grant.

2. Have a remediation plan. Healthcare providers need to use the information from the risk analysis to develop a plan to resolve their vulnerabilities, says Mr. Grant. Along with the remediation plan, providers also need to track the documentation that shows the non-compliance issue was fixed. There are tools available that help providers track the documentation, and healthcare systems with multiple facilities should utilize the tools to simplify the process, adds Mr. Grant.

3. Have vendor management protocols. Healthcare providers need to have a valid business associate agreement in place with all vendors they are sharing patient information with, says Mr. Grant. Providers should send vendors a HIPAA security audit to ensure the vendor is in compliance with the HIPAA security rule. It is important for healthcare providers to address all vendor non-compliance issues because "if you act like an ostrich and put your head in the sand, HHS will come down on you hard," adds Mr. Grant.

4. Update documents. The HIPAA omnibus rule requires healthcare providers to have a manual containing current policies and procedures addressing each part of the omnibus rule — such as business associate agreement monitoring and sanction strategy. Providers' policies and procedures must be updated "periodically," and it is good practice to update with federal government rule changes or every two years, says Mr. Grant. "You may not have to change the manual when it's reviewed, but you at least have to review the policies and track that you did by at least changing the revised date," adds Mr. Grant.

5. Have an incident management plan. "Everyone has a security incident, it's the nature of healthcare, and security incidents can happen at any organization," says Mr. Grant. The healthcare industry relies on phones, fax machines and other electronic devices that are often compromised and lead to data breaches. As an incident response measure, healthcare providers need to keep accurate records — such as employee HIPAA training documents and audit logs — to determine what information was compromised during a breach and to be able to track the incident to the responsible party, adds Mr. Grant.

- Bob Grant, CCO at Compliancy Group and former HIPAA auditor
