Audits Breaches and Fines Part 2 - Further progress along the HIPAA brick road

more+
less-

In last month’s issue of Endnotes, we covered the “why” of HIPAA compliance. Now let’s consider the “how.” How exactly do you review your HIPAA privacy and security compliance program and ensure that all the requisite bases have been covered?

Know Your Obligations

Your first step is to identify all your legal requirements. For privacy and security purposes, these are enumerated in the HIPAA Privacy, Security and Breach Notice Rules. You need to identify each requirement that must result in some “end product.” Depending on the requirement, that could mean a documented policy or procedure, a set of security reminders, training programs, a complaint process, an incident response plan, etc. If you’ve never asked a lawyer to review your program to determine whether each of these end products is addressed, this might be a good time to consider that step.

Please see full article below for more information.

LOADING PDF: If there are any problems, click here to download the file.

Published In: Administrative Agency Updates, Health Updates, Privacy Updates

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Poyner Spruill LLP | Attorney Advertising

Don't miss a thing! Build a custom news brief:

Read fresh new writing on compliance, cybersecurity, Dodd-Frank, whistleblowers, social media, hiring & firing, patent reform, the NLRB, Obamacare, the SEC…

…or whatever matters the most to you. Follow authors, firms, and topics on JD Supra.

Create your news brief now - it's free and easy »