While there has been considerable change in the medical industry over the last few years, the importance of staying HIPAA compliant can’t be stressed enough. There are a few simple steps you should take to make sure you stay compliant, especially in times of change when keeping your business in line with regulations can be a challenge.
Creating a Risk Analysis or hiring outside help to run one is not just good practice, but a requirement of the HIPAA Security Rule. IT Factor has been helping medical practices run HIT-certified Risk Analyses for their Stage 2 Meaningful Use. This is a comprehensive look at your entire computer system, business practices, policies, and security protocols.
2. System and Procedure Audits
Use scheduled reminders to check over your policies at least once a year. Include reviews of your process for accessing and sharing Protected Health Information and of the systems that you use in your office or in the cloud to transmit or store the data. This is important because in case of an audit, you will be required to show that you are staying on top of all your responsibilities as an office administrator. IT Factor can help you create a list of requirements that will need to be performed on a regular basis.
3. Make Your HR Department the HIPAA Gatekeepers
Ensuring your Business Associates are HIPAA compliant can be a challenge, though documentation makes it more straightforward. Require a Business Associate Agreement (BAA) with anyone who may come in contact with your patients’ data, and make sure these associates also have BAAs in place with their subcontractors (though this is not your direct responsibility), or you could face large fines if a breach were to occur.
4. Security is Key!
Making sure your office is secure at all times is a full-time responsibility. This applies not only to your computer systems, but to your office’s physical security as well. What most clinics don’t realize is that with the new HIPAA security rules, all visitors to your office that are not patients will be required to sign in and have a form of “Guest Badge”. You will also need to ensure that the door leading past the waiting room into the clinic is locked at all times to prevent anyone from just walking in.
“I can’t do this on my own! It is too much work and I don’t have anyone to help!”
This is a statement we hear all too often when it comes to HIPAA compliance. With our specialty in the medical field, we have helped many offices become fully HIPAA compliant. This is not an easy or affordable process (depending on your current office procedures and computer system), but IT Factor can walk you through the entire process to ensure that you can get through this and have a plan to make it easier for you. Call us to schedule your FREE Consultation today!