Online Safety Community

A HIPAA audit is very important for service-providing organizations, because the penalties for violations can bring their business down. It is important to understand the nuances of a HIPAA audit if one is to be successful.

A HIPAA audit is, for many service-providing organizations, a make-or-break situation. This is because HIPAA audits are considered stringent. Violations can attract huge penalties, which is why getting it right the first time is extremely important. An entry-level HIPAA violation can cost the organization upwards of $200,000, and the highest can run into multiple seven-figure amounts. So, an organization has to ensure that it gets its HIPAA audit right.

Risk analysis is the heart of the matter

Insulating oneself from heavy HIPAA audit violations requires service providers to be compliant with HIPAA audit requirements. Conducting a comprehensive risk analysis is the perfect solution to a HIPAA audit. These may appear to be no-brainers, but at its core, a HIPAA audit looks at these critical areas, so organizations are wise to meet these basic requirements in order to get the audit of their Security Rule and Privacy Rule right.

A thorough and comprehensive risk analysis has to be done to offset HIPAA violations, since a HIPAA audit can happen across the board for a large number of parameters. HIPAA expects the service providers it audits not only to have these in place, but also to demonstrate that they do.

What practices are necessary for passing a HIPAA audit?

While being compliant with the risk analysis requirements is at the core of being compliant with HIPAA audit requirements, other tips can go some way in helping organizations understand how to deal with HIPAA audits:

  • Any plans relating to the service provider's data management, security, training and notification should be documented
  • A secure access password policy has to be put in place
  • Although not a strict HIPAA requirement, encrypting Protected Health Information, irrespective of whether the PHI is in a database or in files on a remote server, is a good practice
  • Using SSL whenever sensitive data is accessed over the web is a good idea
  • Only a few select members of the organization should have knowledge of the techniques relating to encryption and the way they work
  • Scans and images should be encrypted and should contain no personally identifiable information
  • Avoid using public FTP
  • Remote access is best done only through a VPN
  • A disaster recovery plan should be documented

Read more: http://www.mentorhealth.com/control/w_product/~product_id=800893LIVE/
