USA: Ready for a HIPAA Audit?

The following article was provided to us by Asinta Partner in the United States, Alliant.

For some employers, a HIPAA audit could be right around the corner. Even if you think you are meeting all of the requirements, there is always fear you may have missed something. Here are a few tips you need to keep handy in case your organization is audited:

1. Ensure Privacy: The OCR (Department of Health and Human Services’ Office of Civil Rights) focuses on individual rights, so compliance with access and corrections to an individual’s protected health information (PHI), as well as with the HIPAA Privacy Notice requirement, are important. Ensure you have established policies that address these.
2. Increase Security: An OCR security audit is going to primarily focus on your IT department and the steps you have taken to ensure electronic PHI (e-PHI) remains confidential and secure. Confirm your organization has established a comprehensive plan that covers the security and integrity of PHI, protects against anticipated uses or disclosures not otherwise permitted, and ensures that the employees who handle e-PHI are in compliance.
3. Cover Your Bases: Make sure you are prepared in all areas the audit may look into including privacy, security, and portability touches such as special enrollment rights and limits on pre-existing conditions.

If you feel your organization isn’t ready for a HIPAA audit, ask how Alliant can help. From consulting to a comprehensive HIPAA Toolkit, we can help you create a compliant HIPAA infrastructure. You can get in contact with Alliant via their contact page here.

You can read the full PDF of this article here.