The HIPAA Security Rule is meant to protect an individual’s personal health information that is created, received, used or maintained by a covered entity. There are three safeguards that help make sure that happens: Administrative, Physical and Technical.
Start getting on the right track by following this HIPAA Compliancy guide:
- Have a designated HIPAA Privacy and Security Officer. Make sure the Officer’s roles and responsibilities are clearly documented.
- Privacy and security procedures and policies are very important. They should be updated annually and all employees need to be well informed about them.
- Conduct a Security Risk Analysis annually, which will address any compliance gaps or medium/high risk ratings.
- Implement Security safeguards, including patching/updating devices, antivirus, upgrading end-of-life, and backups for critical data on and offsite.
- For all third parties who are accessing the organization’s ePHI/PHI, Business Associate Agreements (BAAs) must be in place, including signatures and dates.
HIPAA Compliance is not a one-time thing. It requires ongoing diligence to stay in good standing with the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR). HIPAA violations can result in criminal and civil penalties, including hefty fines and even jail time.
CATS Technology Solutions Group has a team of technicians who are Certified in HIPAA Compliance, and has knowledge on the latest HIPAA standards, rules and best practices to ensure you meet HIPAA Compliance.