[ Thursday, February 04, 2010 ]
Five HIPAA Stumbling Blocks:
From Chris Apgar, via Dom Nicastro
- No risk analysis
- No policies and procedures
- No training
- No compliance audits
- No disaster/recovery plans
Right now, I'm revising a lot of policies and procedures prior to the February 17 deadline, and many, many folks never did a risk analysis. Most covered entities have policies and procedures, but they were part of their original Privacy Rule compliance effort, and many of those don't have any of the policies required by the Security Rule.
With February 17 looming, now is a good time to dust those off and get them up to snuff.
Jeff [10:37 AM]
Blogger: HIPAA Blog - Edit your Template