Navigating the specific compliance regulations of the Health Insurance Portability and Accountability Act (HIPAA) can be daunting. The act requires national standards for electronic health care information at the government and business level.
Tom Walsh, president of Tom Walsh Consulting in Kansas, has identified seven areas of compliance that meet the bare minimum for HIPAA. These are:
- Have a compliance official
- Set standards of conduct into policies, procedures, or guidelines so that people know what the expected behavior is
- Training and education of all staff on an ongoing basis, including additional training for specific employees should their jobs require it
- Incident reporting to correct and prevent incidents
- Incident response procedures in the form of a plan and a team
- Auditing and monitoring continually, with an evaluation and validation process set at regular intervals
- Corrective actions applied consistently (sanctions, risk management, security controls)