Online Safety Community

A HIPAA audit is very important for service providing organizations, because the penalties for violations can bring their business down. It is important to understand the nuances of a HIPAA audit if one has to be successful.

A HIPAA audit is, for many service providing organizations, a make or break situation. This is because HIPAA audits are considered stringent. Violations can attract huge penalties, which is why getting it right the first time is extremely important. An entry level HIPAA violation can cost the organization upwards of $200,000, and the highest can run into multiple seven-figure amounts. So, an organization has to ensure that it gets its HIPAA audit right.

Risk analysis is the heart of the matter

Insulating oneself from heavy HIPAA audit violations requires service providers to be compliant with HIPAA audit requirements. Conducting a comprehensive risk analysis is the perfect solution to a HIPAA audit. These may appear to be no-brainers, but at its core, a HIPAA audit looks for these critical areas, so it is all the wiser for organizations to ensure these basic requirements to get the audit of their Security Rule and Privacy Rule right.

A thorough and comprehensive risk analysis has to be done to offset HIPAA violations, since a HIPAA audit can happen across the broad for a large number of parameters. HIPAA expects the service providers it audits to not only have these; they should also demonstrate so.

What practices are necessary for passing a HIPAA audit?

While being compliant with the risk analysis requirements is at the core of being compliant with HIPAA audit requirements; other tips can go some way in helping organizations understand ways by which to deal with HIPAA audits:

  • Any plans relating to the service provider's data management, security, training and notification should be documented
  • A secure access password policy has to be put in place
  • Although not a strict HIPAA requirement, encrypting Protected Health Information, irrespective of whether the PHI is in a database or in files on a remote server, is a good practice
  • Using SSL whenever there is web access of sensitive data is a good idea
  • Only some, select members of the organization should have knowledge of the techniques relating to encryption and the way they work
  • Scans and images should be encrypted and should contain no personally identifiable information
  • Avoid using public FTP
  • Only VPN access is best used for remote access
  • A disaster recovery plan should be documented

Read More : http://www.mentorhealth.com/control/w_product/~product_id=800893LIVE/

Views: 17

Comment

You need to be a member of Online Safety Community to add comments!

Join Online Safety Community

Take our poll!

Take our poll!

Latest Activity

John Robinson posted a blog post

The FDA's requirements for non-IND Foreign Clinical Studies

The FDA grants marketing approval for certain types of medical products whose application is the result of foreign clinical studies, provided the products and the clinical studies meet certain conditions. The types of medical productshttps://globalcompliancepaneltraining.files.wordpress.com/2017/12/the-fdas-requirements-for-non-ind-foreign-clinical-studies-2.jpg?w=800&h=504…See More
14 hours ago
Training Doyens posted events
15 hours ago
John Robinson posted blog posts
Friday
Russel Stuart posted events
Friday

Forum

PEGA Axis error: Parser already accessed

We have a PEGA frontend, from in which we're keying in double byte characters like japanese and being send to allotted java webservice through axis. this is working best when we ship singlebyte…Continue

Tags: pega_training, pega_online, pega

Started by Soujanya Naganuri on Thursday.

VMware player error on install vmware tools.

 I've installed the last version of VMware player (4.0.2) and created a virtual machine with ubuntu 10.04. However, some operations with …Continue

Tags: training, online, vmware

Started by emmablisa Dec 1.

All About QlikView

QlikViewQlik relies on sophisticated analytics that enables data discovery using an in-memory engine to analyze data for patterns not visible via SQL data structures or queries. The company’s two…Continue

Tags: Safety, Qlikview

Started by nicolewells Nov 25.

Occupational Health and Safety 5 Replies

Health and safety are important aspects of an organisation’s smooth and effective functioning.  Did you know that workplace health & safety injuries cost Australian businesses over $60 billion…Continue

Tags: Safety, and, Health, Occupational

Started by WHS Solutions. Last reply by Tara safe Nov 16.

QlikView for its Safety Strategic Business Intelligence Solution Worldwide

QlikTech (NASDAQ:QLIK), a leading…Continue

Tags: Qlikview, safety

Started by nicolewells Nov 15.

Badge

Loading…

© 2017   Created by Safety Community.   Powered by

Badges  |  Report an Issue  |  Terms of Service