HIPAA EMPLOYER - ABOUT HIPAA SECURITY

Would you know if ePHI was accessed inappropriately?

Access control is a key component of the Security Rule. This doesn't require you to install lots of new technology, but it does require you to think through who should have access (and who shouldn't). Don't share passwords, use screen saver passwords, etc.

Have you amended all your Business Associate agreements for the Security Rule?

Your Business Associate Agreements should have language requiring them to adhere to the provisions of the Security Rule in addition to the Privacy Rule. For instance - Business Associates are required to notify you of any security breaches. Since, in many cases, the majority of ePHI that is associated with a group health plan is handled in large part by their Business Associates (brokers, TPA's, etc), it's critical that employers ensure this piece of documentation is in place.

These are just some of the most common HIPAA issues facing employers. It's by no means complete, but intended to alert those employers who may be thinking they have nothing to do - when, in fact, they do have some work ahead of them. The most important part of the regulation is to perform (and document!) a risk assessment. All other activities flow from this document.

About Us

The mission of HIPAA Solutions Rx is to provide a cost effective solution to the challenges raised by HIPAA compliance. Visit us on the web (www.hipaarx.net) or call us today (866-447-2211) to find out how we can ease the burden of compliance. We've already helped thousands of employers - large and small. Let us help you too!

<Previous     Page 4 of 4     Home>