Securing electronic protected health information (ePHI) - OPIN Systems

Securing electronic protected health information (ePHI)

Companies that need to comply with HIPAA often struggle to keep and maintain compliance. Work through this checklist to make sure you’re doing everything reasonable and appropriate to keep ePHI secure.

Train employees constantly

Employees can’t abide by a security policy if they don’t understand how it plays out in their daily work. Make sure employees know the following:

- How to report a breach
- Who to contact if their laptop/hard drive/smart phone is lost or stolen
- How to dispose of unneeded ePHI
- Which devices they can use to access ePHI

Perform a security risk analysis

HIPAA might not change, but your situation will. Any change within your company can expose your ePHI to unexpected risks. Reassess security after any of the following:

- High employee turnover—e.g., employees leaving or employees being hired
- New software or hardware—e.g., changing servers, installing a new application, or switching vendors
- Adapting business operations—e.g., new leadership, altered business strategy, or outsourcing a process

Assess software vendors

Very little software is compliant out of the box—monitoring software and vendors is essential to maintaining HIPAA compliance. Look at the following aspects of your software vendors:

- Contracts with business associates
- The information they receive for testing and during training
- How they secure ePHI in motion

www.opin.com | [email protected] | 952.567.2444 Copyright ® 2016 OPIN Systems, Inc. | 7900 International Drive Suite 410, Bloomington, MN 55425