IT | Security

Five HIPAA Activities You Should Do Now

By: Absolute Team | 8/28/2012

The Health Insurance Portability and Accountability Act (HIPAA) was enacted 16 years ago this August, with the HITECH Act "Omnibus" regulation, updating definitions and enforcement provisions in HIPAA, expected to be published this month. If this deadline is met, covered entities and associates would have until May 2013 to become compliant with the new provisions.

As we know from many actions in the last year, both HIPAA audits and enforcement of non-compliance issues are up, so now is an important time to pay attention to the changes in HIPAA and to truly become compliant.

HIPAA.com has put together 5 activities your organization should be doing in advance of the release of the Omnibus regulations:

  1. Conduct / update a thorough risk analysis for threats to protected health information (PHI)
  2. Document your privacy, security, breach notification policies and procedures
  3. Train your workforce members, including management, on privacy, security and breach notification policies
  4. Encrypt your protected health information on mobile and portable devices
  5. Remember that remediating breaches is costly, so upfront investment saves money

Visit HIPAA.com to learn more about why these activities are important and what specifically you should be doing.