This entry is part 1 of 27 in the series HIPAA Audit Tips

 

Section 13411 of The HITECH Act requires the Secretary of HHS to “provide for periodic audits to ensure that covered entities and business associates that are subject to the requirements of this subtitle and subparts C and E of part 164 of title 45, Code of Federal Regulations, as such provisions are in effect as of the date of enactment of this Act, comply with such requirements.”  That means compliance with the HIPAA Privacy and Security FINAL Rules. Here’s today’s big tip — Get started!  …here’s how…

So, where do I begin to Prepare for HIPAA Audits?

HIPAA HITECH compliance is not easy. The blogosphere is “lit up” with thoughts, ideas, recommendations, interpretations, prognostications and tips on how to become compliant, who’s going to be audited and how to prepare for upcoming HIPAA audits.

Over the past couple of months, it has become very apparent that HIPAA enforcement is in effect, on the upswing and the consequences are serious.  The June 2011 hiring by the Office of Civil Rights (OCR) of KPMG, however, means enforcement may soon ramp up even more.

Many organizations are struggling with how and where to start. Our recommendations are simple and straightforward, and they immediately result in your ability to demonstrate good faith effort, show documentation as evidence of same and produce tangible, actionable plans.

Six (6) Action Steps to Undertake Now to Prepare for HIPAA Audits:

  1. Complete a HIPAA Security Final Rule Self-Assessment (45 CFR 164.308(a)(8) Evaluation)
  2. Complete a HIPAA Privacy Self-Assessment
  3. Complete a HIPAA Security Risk Analysis (45 CFR 164.308(a)(1)(ii)(A) Risk Analysis)
  4. Review and update Privacy and Security Policies & Procedures
  5. Build Security Incident Management & Data Breach Response Policies & Procedures
  6. Engage and Assess BAs and Subcontractors in a “BA-Sub Summit Meeting”

The single best way to get started is to form a team AND immediately take stock of where you are by completing the first two Steps above.

Call Clearwater Compliance at 800-704-3394 if you need help on any of these “jump-start” steps.

Wanna be even more hip on HIPAA? Learn more…

The complete HIPAA Privacy, Security and Breach regulations are here.

If you’d like to keep up to date on Risk Analysis or HIPAA-HITECH in general, please also consider (all optional!):


Bob Chaput

CEO at Clearwater Compliance
Bob is the CEO and Founder of Clearwater Compliance. He has 25 years of experience in the Healthcare industry, and his experience includes managing some of the world’s largest HR, benefits and healthcare databases, requiring the highest levels of security and privacy. Mr. Chaput continues to expand and update his knowledge base on HIPAA-HITECH compliance through postgraduate study, earning professional certifications and participating in professional healthcare and other organizations.
 