Let’s face it, the LAST thing you want to think about is HIPAA, its requirements, and where you may be lacking for 2020.

We live in the healthcare industry; there is no opting out when it comes to HIPAA Rules. So take a deep breath, don’t get overwhelmed, and take care of these important areas of HIPAA before the end of the year, if you haven’t already, or as soon as possible.

  • Complete a required Annual Risk Analysis.
  • Have all Business Associate Agreements signed, including any companies that have changed names: new softwares – telehealth, billing; collections; storage facilities; and any Covered Entities renting space in the facility that are not part of your patients’ treatment, payment and operations.
  • Review the HIPAA / Office Manual policies and procedures. Be sure to have current dates on them; and have staff sign off on any revisions when they are included in the policy.
  • Review active users in ALL operating systems and applications that contain ePHI to ensure any staff member no longer with the organization has been disabled in these accounts.
  • Confirm all users with remote access to systems still need access; disable immediately if remote access is no longer necessary.

Security and compliance are first and foremost in the management of our clients' systems. After conducting thousands of SRAs, common vulnerabilities began to emerge. We launched HIPAA Tip Tuesday to make clients aware of what actions they can take to address these vulnerabilities.

Have a great week!