HIPAA Security

Dr. Jose Delgado

January 27, 2014

1 min read

The first task in identifying what actions to take in accordance with HIPAA Title II, Administrative Simplification, Security Rule is a Risk Assessment covered under § 164.308(a)(1)(ii)(A).

The risk assessment must cover the three basic areas of Administrative, Physical and Technical and identify compliance with requirements, actions needed, person responsible and ideally time frame. After completion of the risk assessment Covered Entities must work on their Risk Management actions which is another key requirement. Remember that most of these regulations and the requirements of the same may be covered under other regulations and programs. For example, a CE that has attested under Meaningful Use and during an audit is found not to be in "good faith compliance" with HIPAA could face penalties, including giving back the meaningful use incentive money.

About Dr. Jose Delgado

Dr. Jose I. Delgado is the founder and CEO of Taino Consultants, a veteran-owned, 8(a) graduate healthcare IT consulting firm based in St. Augustine, Florida. With over 30 years of experience in healthcare compliance and government contracting, Dr. Delgado has helped organizations navigate HIPAA, MACRA/MIPS, and federal IT security requirements.

Need help with healthcare compliance?

Taino Consultants provides HIPAA compliance consulting, MACRA/MIPS compliance support, and healthcare IT modernization services for government and private healthcare organizations.

Schedule a consultation