Don’t let a HIPAA audit catch your practice off-guard!
HIPAA audits are painful and unwelcome. But failing an audit can be disastrous and a huge blow to the reputation of a medical practice. Despite guidelines being formulated every other day, there is very little coordinated effort being made by healthcare organizations to meet them. Failure to prepare is preparing to fail.
Put these ten tips into action to prevent your medical practice from being penalized by auditors. It is a team effort, so rope in employees and make a cohesive effort to stay HIPAA compliant. There are a lot of plates spinning and deadlines to meet, so it is important that you chalk out a plan and tick things off a checklist to stay on track and move towards complete HIPAA compliance.
- Run a thorough end-to-end risk analysis check across the entire organization. Check your documentation management and information security policies.
- Devise clear-cut policies, such as requiring passwords for accessing information and ensuring that all images, such as scans, are securely encrypted.
- Invest in workforce training. Conduct regular workshops for all your employees on operating procedures and security protocols.
- Monitor closely whether all the newly implemented procedures are actually working. Check and re-check the progress of each strategy created to meet HIPAA guidelines.
- Keep clinical documentation updated and maintain a report of your security procedures and documentation. This will help when auditors ask for evidentiary documents.
- Create a contingency plan. In a landscape that is constantly shifting, things may not play out the way you plan. Having a plan B is important too.
- Revised HIPAA guidelines place emphasis on business associates and subcontractors being HIPAA compliant. Discuss with your business associates the security measures they have to follow, and keep tabs on the physical and information security they provide.
- The economic liability of data leaks has increased to over two million dollars, which is $400,000 more than in 2010. So pull up your socks and start working towards HIPAA compliance now.
- Laptops and paper-based records are the major causes of data breaches. Almost 202 cases of data breaches due to stolen or lost laptops have been recorded, according to a 2014 survey. Prohibit employees from bringing laptops or digital storage devices to the office.
- If you work with a business associate and need to share medical information, insist that your partner has a secure VPN connection to transmit and receive medical data.