Breaking Compliance News Blog

HIPAA Enforcement Deadline Approaches

Posted by Margaret Scavotto, JD, CHC on 8/30/13 12:02 PM

Find me on:

The enforcement date for the HIPAA Omnibus Final Rule is just around the corner. As September 23 approaches, compliance officers may be wondering if everything is on schedule for completion by the enforcement date.  In HIPAA, we have a hefty set of regulations to guide us in safe, secure management of the health information of those we care for.  Using a well organized, systematic plan for drafting and implementing policies and forms is the best approach to attaining HIPAA compliance.

A suggested approach to your implementation or review of your HIPAA Policy is to identify parts that should be completed by others in your organization, such as IT or medical records personnel. As to what remains for your hands to complete, as with any large project, breaking it down into digestible parts and setting reasonable goals for completion of each part makes the project far more manageable.

Security Risk Assessment

Reports on recent inspections indicate that HHS evaluates security risk assessments as a matter of routine. The risk assessment is a great tool for verifying that sufficient protections are in place to prevent inappropriate access to, and disclosure of, ePHI. Firewalls, email encryption, password protection, notice of privacy practices,business associate agreements, and training should all be included in this analysis.

A thorough review of your HIPAA compliance program will give your organization an effective plan and help make it inspection-ready in time for the September 23 compliance date.

HIPAA on a budget:  Get HIPAA compliant with MPA's  HIPAA Tool Kit

Topics: Penalties and Enforcement, Auditing and Monitoring, HIPAA

    Privacy Policy           Terms of Use