HIPAA security audits will continue in 2013 and probably in the years to come. Shouldn’t you at least be familiar with their findings and prepare just in case?
Those of you that know me better, I promised I will take some time off this coming weekend when I get back home. But in the meantime there is too much to do so I wanted to share some quick bits of information.
We are well entrenched in the 2013 year and my crystal ball is telling me of plenty of opportunities as well as areas to be concerned about. The opportunities vary from Practice to Practice but today I will simply cover HIPAA Security. According to Leon Rodriguez (director of the Health and Human Services), covered entities have a mountain of work to do in the area of HIPAA compliance. In addition Mr Rodriguez states that the HIPAA audits are to resume and ramp up over 2013 with strong funding and renewed vigor.
To keep matters simple, HIPAA should be seen as two major areas: Privacy (Patient Information) and Security (Electronic Information). In reality HIPAA Security is exponentially more complex than HIPAA Privacy and so far I have not seen anyone complying with the requirements of the same.
Based on the 2012 audits the specific areas in need of work included but were not limited to:
As I said before I’m creating an online suit of products to meet some of these requirements. However, there are other actions that I would recommend:
While the Government is having a hard time balancing the budget the same is not true regarding enforcement actions so don’t take chances. According to Mr Rodriguez “…I expect we are going to see monetary settlements for a long time to come…” So I should be back home next week so who wants to see me?