Preparing For Next Round Of HIPAA Audits

April 30, 2014 Jana Langhorne

beckers-cio-logo

Expert Advice by Mac McMillan

CynergisTek CEO, Mac McMillan recently sat down with Becker’s Hospital CIO to provide advice on how covered entities (CEs) and business associates (BAs) can prepare for the new HIPAA Audits. Earlier this month the Office for Civil Rights (OCR) announced that they were sending out surveys to 800 covered entities and then would send surveys to those entities’ BAs. McMillan tells Becker’s Hospital CIO, “OCR is stepping up their game, adding security and audit SMEs to their team of regulators, and covered entities and business associates had better as well.” He addresses three ways to prepare.

  1. Business Associate Agreements: If is necessary for covered entities to have business associate agreements (BAAs) with all of the vendors they do business with that handle PHI. BAs need to know that they are now responsible to protect it and should be documented in the BAA.
  2. Risk assessment: Everyone needs to have a through and current risk assessment to meet the requirements under the HIPAA Security Rule. McMillan suggests, “Select an industry-recognized framework for security like ISO, ITIL or NIST and apply it.”
  3. Vendor management:  covered entities need to preform due diligence, have a high level of awareness of its vendors’ security programs and execute a vendor management program. CEs should ask “Have I done my due diligence? What do I know about my vendors security programs? Have I addressed all of the areas they should have to ensure a successful partnership, incident response, requests for information, physical protection, transmission security, etc.?” CEs should know what the vendor is doing to safeguard PHI and what is the response plan incase of an incident.

Click here to read the entire article.

Previous Article
Columbia-Presbyterian Settle HIPAA Violations for $4.8 Million
Columbia-Presbyterian Settle HIPAA Violations for $4.8 Million

Record Breaking HIPAA Penalty NY Presbyterian Hospital (NYP) and Columbia University School of Medicine (CU...

Next Article
CynergisTek Celebrates Record First Quarter
CynergisTek Celebrates Record First Quarter

52% Revenue Growth Due to Increased Demand for Compliance Solutions CynergisTek announced that it has achie...

×

Subscribe to Cyber Bulletins with the Latest News, Tips and More!

First Name
Last Name
Company
Thank you!
Error - something went wrong!