[ Thursday, February 04, 2010 ]


Five HIPAA Stumbling Blocks: From Chris Apgar, via Dom Nicastro

  1. No risk analysis
  2. No policies and procedures
  3. No training
  4. No compliance audits
  5. No disaster/recovery plans

Right now, I'm revising a lot of policies and procedures prior to the February 17 deadline, and many, many folks never did a risk analysis. Most covered entities have policies and procedures, but they were part of their original Privacy Rule compliance effort, and many of those don't have any of the policies required by the Security Rule.

With February 17 looming, now is a good time to dust those off and get them up to snuff.

Jeff [10:37 AM]

Comments: Post a Comment
http://www.blogger.com/template-edit.g?blogID=3380636 Blogger: HIPAA Blog - Edit your Template