[ Thursday, April 15, 2004 ]
Yesterday was the day; today's something different.
Here's another article
on how few small plans are HIPAA-compliant, despite yesterday's deadline. Of course, as the article points out, many of them have other things on their minds.
It's not that hard to become compliant. And as long as you do the things you ought to do (protect the info) and don't do the things you oughtn't (use the info for employment decisions), you'll probably be OK. You should, of course, have taken steps, drafted policies and procedures, and otherwise documented your efforts, simply to prevent some disgruntled employee from attempting to leverage the threat of reporting a HIPAA violation into a lifetime employment agreement. Keep in mind that, even if you never get a visit from OCR, your biggest problems could be a lot closer to home.
Jeff [10:30 AM]
Blogger: HIPAA Blog - Edit your Template