In last month’s issue of Endnotes, we covered the “why” of HIPAA compliance. Now let’s consider the “how.” How exactly do you review your HIPAA privacy and security compliance program and ensure that all the requisite bases have been covered?
Know Your Obligations
Your first step is to identify all your legal requirements. For privacy and security purposes, these are enumerated in the HIPAA Privacy, Security and Breach Notice Rules. You need to identify each requirement that must result in some “end product.” Depending on the requirement, that could mean a documented policy or procedure, a set of security reminders, training programs, a complaint process, an incident response plan, etc. If you’ve never asked a lawyer to review your program to determine whether each of these end products is addressed, this might be a good time to consider that step.
Please see full article below for more information.
Firefox recommends the PDF Plugin for Mac OS X for viewing PDF documents in your browser.
We can also show you Legal Updates using the Google Viewer; however, you will need to be logged into Google Docs to view them.
Please choose one of the above to proceed!
LOADING PDF: If there are any problems, click here to download the file.