HIPAA Audit Help– We Agree with Mr. Rodriguez – How to Prepare for HIPAA Audits
In a recent post by Howard Anderson entitled: “Permanent HIPAA Audit Program Coming”, Howard quoted Leon Rodriguez, Director of the Office for Civil Rights on several practical, actionable steps organizations must take now to prepare for the upcoming HIPAA OCR/KPMG audits. Let’s compare our respective recommendations.
Benefit from our expertise; prepare for the audits! …
Need HIPAA Audit Help?
Director Rodriquez speaks out in “Interactive Session: Privacy and Security – You can do it!”
At the annual meeting of the Office of the National Coordinator for Health IT on November 17th, Rodriguez provided the following recommendations:
- Check that risk assessments are up to date;
- Make sure senior managers are supportive of risk mitigation strategies;
- Review existing compliance programs as well as staff training;
- Ensure vigilant implementation of privacy and security policies and procedures, as well as tough sanctions for violating them;
- Conduct frequent internal compliance audits; and
- Develop a plan for prompt response to breach incidents.
Just getting started preparing for the upcoming KPMG OCR HIPAA Audits? Here’s Clearwater Compliance’s By-the-Regs HIPAA Audit Help Playbook:
- Stand Up Your Privacy and Security Risk Management & Governance Program (45 CFR § 164.308(a)(1))
- Complete a HIPAA Security Evaluation (45 CFR § 164.308(a)(8))
- Complete a HIPAA Security Risk Analysis (45 CFR §164.308(a)(1)(ii)(A))
- Develop comprehensive HIPAA Privacy and Security and Breach Notification Policies & Procedures (45 CFR §164.530 and 45 CFR §164.316))
- Complete a Privacy Rule compliance assessment (45 CFR §164.530)
- Document and act upon a corrective action plan
Visit Clearwater Compliance for more information or call us today at 800-704-3394 to learn more about Clearwater Compliance’s HIPAA AuditPrep™ Series of Workshops.
Wanna be even more hip on HIPAA? Learn more…
The complete HIPAA Privacy, Security and Breach regulations are here.
If you’d like keep up to date on Risk Analysis or HIPAA-HITECH in general, please also consider (all optional!):
- Joining our AboutHIPAA LinkedIn Group: http://AboutHIPAALI.org
- Following me: http://Twitter.com/AboutHIPAA
- Subscribing to our eNewsletter: https://app.e2ma.net/app/view:Join/signupId:61331/mailingId:3310893/acctId:36048
- Subscribing to our RSS feed: http://abouthipaa.com/feed/rss/
- Checking our company web site: http://clearwatercompliance.com/
- Attending a HIPAA HITECH live webinar: http://abouthipaa.com/webinars/upcoming-live-webinars/
- Attending a HIPAA HITECH Blue Ribbon Panel Live Web Event: http://abouthipaa.com/webinars/blue-ribbon-panel-live-events/
- Viewing a pre-recorded webinar: http://abouthipaa.com/webinars/on-demand-webinars/
Get our regular HIPAA HITECH Newsletter
Trackbacks/Pingbacks
[...] “Our customers, ranging from large enterprises to small medical practices, have been very impressed with the rigor and completeness of our assessment tools and notably the WorkShop™ process itself,” said Bob Chaput, CEO and Founder of Clearwater Compliance. “The Assessment Tool is based on the exacting language of the laws and regulations, including both HIPAA Privacy Final Rule and The HITECH Act. It serves organizations well as a HIPAA Privacy self-audit tool to use to prepare for the OCR/KPMG audits.” [...]