The 10 Step HIPAA Compliance Review - How to Ensure your Compliance is Up to Date

Overview:

Day One: Research of Your Operations - How do you use PHI and what policies and procedures do you have for Privacy, Security, and Breach Notification? Understand your operations and information flows, and the ways you use or disclose PHI.

Day Two: Limitations on Uses and Disclosures - Establish the proper limitations according to the Privacy Rule, including requirements for Business Associates, handling authorizations, and required processes for uses and disclosures of PHI under HIPAA.

Day Three: Patient Rights under HIPAA - Make sure the processes are defined and in place for providing opportunities to access, amend, and restrict uses of PHI, to ask for an accounting of disclosures of PHI, to request alternative means or methods of communication, and to receive a Notice of Privacy Practices.

Day Four: HIPAA Risk Analysis - Look at how you handle information, identify the risk issues, and decide their priority for mitigation.

Day Five: HIPAA Security Safeguards - Decide what safeguards you will use to address the various Security issues and start implementing physical, technical, and administrative safeguards.