[ Tuesday, February 22, 2005 ]


It pains me: Yes, it does, but I do all this for you. Anyway, here's a checklist from Vinson & Elkins' HIPAA task force outlining the things you need to do to get up and running on Security. Nothing new, but yet another listing showing all the things you haven't done yet.

Actually, it's a good recitation of the requirements of the Security Regs, and goes to show the great many policies and procedures you'll need on paper to show you've done the Security Risk Analysis dance. Ultimately, the lesson here is that you need to produce paper: it's the only way you can show you've met the requirements of the Regs, even if you never really have to take the steps you outline in your policies and procedures.

As with the Privacy Rule, the lesson is to just do it.

Jeff [10:25 AM]

Comments: Post a Comment
http://www.blogger.com/template-edit.g?blogID=3380636 Blogger: HIPAA Blog - Edit your Template