Like many of us managing compliance programs you have a myriad ideas, initiatives, next steps, tasks and action items swirling around in your head, posted on sticky notes, in your email and in office documents.   In the back of your mind you keep thinking “I am not managing my compliance program properly if I don’t have all this nice and orderly in Microsoft Project.”  The good news is you don’t need to be an expert in sophisticated project management software to manage your compliance program.   Here are some tips on how to put together an Action Items List that will get results.

The fundamental data elements needed to manage HIPAA-HITECH “To-Dos” or compliance tasks are a very short list.   Don’t overburden yourself or your program with complicated project management techniques.   The key is consistent use, documentation and follow through.

Here are the essential elements of an Action Item list:
•    Priority (ABC, 123 etc…)
•    Status (Open or Closed)
•    Action Item Name (One sentence, should be understandable to folks not intimately involved in the project for good communication. If you use acronyms or esoteric technical terms define them in parenthesis)
•    Responsible Party (I prefer last name, comma, first name for sorting)
•    Due Date
•    Resolution/Comment  (Note accomplishments and next steps.  Associate a date with each)



Sample Action Item List for HIPAA Compliance

Wow, seems overly simple doesn’t it?   I can promise you if you follow these guidelines your “To-Dos” will get “Ta-Done.”

Essentials of Managing an Action Item List
•    Keep it simple – You just need to collect a few data elements to manage.   Resist the temptation to add more columns of data you won’t have time to maintain and no one will look at.
•    Be methodical – It’s not sophistication that counts, its diligence, consistency and following up.  This should be a living/breathing document that you look at all the time.
•    Be accountable – Every Action Item should always have a documented next step, due date and responsible party.  Without that this document is a waste of effort.
•    Use it to communicate – Circulate the list regularly to project team members.  Use it as the agenda for project team meetings.  Sort the high priority items to the top for management reports.

This will get you off to a great start.   If you are looking for a little something more that allows team members to edits tasks and update information then take the same approach. Use the information above to evaluate any project management or collaboration system you are considering.   Less is still more as long as you aren’t missing any of these essentials.    Our Clearwater HIPAA Security Assessment™ includes a Preliminary Remediation Planning feature that includes these essential elements but still keeps things simple.   If you would like a great way to link the findings of your HIPAA security assessment to a simple Task Management system try out our Free Trial today.

Jon Stone

VP of Product Innovation at Clearwater Compliance
Jon has a unique breadth of experience with a combined 25 years’ experience in healthcare, working in the provider, payer and healthcare quality improvement fields. For the last 15 years Jon has provided strategic leadership for compliance and healthcare technology projects involving the most sensitive ePHI for companies such as CIGNA, Healthways and Ingenix. He is Clearwater’s VP of Product Innovation, and helps provide HIPAA Security and Privacy SaaS (Software as a Service) for the healthcare industry.