As a new year quickly approaches, now is the time to take advantage of getting your practice or company set up for HIPAA compliance in 2018! Take a look at these five tips to help you get started.
1. Select or Hire a Compliance and Security Officer
If the budget allows, now is the perfect time to start looking to hire or train a compliance officer. Having someone on staff dedicated to ensuring compliance along with training and updating other employees, can help mitigate any non-compliance risks. Remember, if you don’t have someone designated to be leading compliance efforts, you’re not in compliance.
2. Develop a Risk Assessment
Designed to identify potential risks, vulnerabilities, availability and integrity of Patient Health Information that an organization creates, maintains, receives and transmits, having a risk assessment in place is critical to being compliant. Since entities can now be fined for not identifying potential risks, it’s highly encouraged this should be the first step after identifying your compliance officer. For more information on risk assessments, visit our blog here.
3. Create HIPAA Privacy and Security Policies
Creating Privacy and Security Policies are critical to becoming HIPAA compliant. These lay the groundwork when developing your compliance strategy. The goal of these policies is to develop a plan on how your organization will protect electronic PHI. These should be reviewed with staff on a regular basis and updated, at the minimum, on an annual basis.
4. Train your Employees
The Compliance Officer has been decided, the risk assessment developed and the Privacy and Security policies are in place, so what’s the next step? Training your employees. Employees should receive annual trainings on all the policies and procedures in place. You’ll need to accurately document the training of the employees for your records if you were to be audited.
5. Put it into Practice
Everything is in place, has been documented and everyone has been properly trained, now is the time to put your plan into action, with the help of HIPAAwise, – The van Halem Group Solution, you can keep better track of your process, policies and documentation of required materials.