How Prepared Are You for the Upcoming HIPAA Audit? by eGestalt

VIEWS: 17 PAGES: 2

With the long overdue HIPAA privacy and security compliance audit program scheduled to begin later this year or early next year, it’s time for every healthcare entity to do a reality check and find out if their privacy and security policies really work. Is your organization prepared for the upcoming HIPAA compliance audit? If yes, how well are you prepared?

More Info
									        How Prepared Are You for the Upcoming HIPAA Audit?




With the long overdue HIPAA privacy and security compliance audit program scheduled
to begin later this year or early next year, it’s time for every healthcare entity to do a
reality check and find out if their privacy and security policies really work. Is your
organization prepared for the upcoming HIPAA compliance audit? If yes, how well are
you prepared?

“An important component of preparing for a potential HIPAA compliance audit is to
complete a ‘walk through’ to make sure privacy and security policies and procedures are
practical and effective” says Adam Greene, (a veteran health law attorney and a former
key regulator at the U.S. Department of Health and Human Services, where he played a
fundamental role in administering and enforcing HIPAA privacy, security, and breach
notification rules) in his article ‘HIPAA Audits: Preparation Steps’. Most organizations
formulate policies and procedures, assuming that they would work best to meet their
privacy and security needs. But as in Greene’s words, “in the reality of a complex and
busy environment” these policies and procedures may not work as expected. It is
therefore of prime importance to conduct a self-audit to identify areas that may require
policy or procedural changes, and ensure optimal HIPAA compliance.




According to Adam Greene, there are four things that are crucial when preparing for the
HIPAA compliance audit: First is to make sure that all your privacy and security policies
are up-to-date. Second is to ensure that your employees are comprehensively trained in
the latest privacy and security protocols. Third is to formulate a clear sanctions policy to
ensure that employees do not violate these protocols. And fourth is to be prepared with
extensive documentation to demonstrate your compliance management efforts.

So, while you may have put in place policies and procedures to protect sensitive
information, merely doing this will no longer suffice. To effectively handle the HIPAA
audit, you need to keep track of how your security and privacy measures work, and also
maintain adequate supporting records. This is where our SecureGRC solution may come
in handy.
SecureGRC is an automated and integrated IT security and compliance management
platform, which not only offers a comprehensive threat management capability, but also
provides a unified view of your compliance status, making it easy to keep track of
compliance related information. It holistically covers all aspects of threats – internal or
external, known or unknown, intentional or unintentional, deliberate or accidental
through an effective risk mitigation system.

This solution is flexible and scalable to address new requirements, giving you the
capability to seamlessly manage existing and potential risks. Its 24X7 information
security monitoring and real-time reporting capabilities enable you to effectively manage
threats. And most importantly, the centralized dashboard view summarizes the
compliance status helping you generate comprehensive reports to help you demonstrate
compliance for any regulatory or standard-based audits, including the periodic HIPAA
compliance audit.

Know more information about - compliance management software here.

								
To top