Progressive Computer Systems, Inc.
Call us: (919) 929-3080
  • Home
  • About Us
    • Our Team
      • Under Attack! – Book Release
    • Awards
    • Community Involvement
    • Referral Program
    • Testimonials
    • Join Our Team
      • Job Postings
  • Services
    • Complete List
    • Managed Services
      • ProgressiveCARE Managed Services
    • Cybersecurity
    • HIPAA Compliance
    • Cloud Services
    • IT Consulting
    • Email & SPAM Protection
    • Cabling & Internet Services
    • IT Outsourcing
  • Solutions
    • Strategic Planning
    • Business Continuity
    • IT Infrastructure
      • Why Use Progressive?
    • Network Security
      • Security Concerns
    • Virtualization
    • Business Assessments
    • Unified Communications
    • Hardware & Software
      • Recommended Equipment
  • Partners
  • Industries
    • Life Sciences
    • Health Care
    • Professional Services
    • Government & Education
    • Non-Profit
  • Resources
    • Professional Network
    • Under Attack! with Lisa Mitchell – Book Release
    • Blog
    • Newsletter Archive
    • COVID-19 Resources
  • Contact Us
    • Referral Form
  • Portal
    • Client Portal Login
    • Online Payment
Search the site...

Top 5 Actions To Enforce Your HIPAA Policies and Procedures

Without a doubt, your organization’s HIPAA Policies and Procedures are the “nuts and bolts” that keep your HIPAA Compliance Program on track and the basis for protecting you against costly HIPAA penalties.   But taking the time to define your organization’s Policies and Procedures requires forethought on how to respond appropriately to all of HIPAA’s requirements. That’s because your Policies and Procedures cover such a broad range of topics – including Access Control, Security Measures, Emergency Access, Integrity Controls, Risk Management, Breach Management, and Workforce Security – and not one of these can afford to be overlooked. However, once prepared, they provide your staff with a set of explicit guidelines to follow in order to limit the possibility of a breach occurring.

To give you a basic breakdown on how to approach your HIPAA Policies and Procedures, there are a few important standards to follow. First of all, they must be documented. This step is essential in making sure that you’ve addressed each of the necessary mandates found within the sections of HIPAA – such as the Privacy Rule, Security Rule, HITECH Act, Omnibus Final Rule, and Breach Notification Process – and to be careful that no aspect of the HIPAA guidelines are missed. To explain the difference between the two elements – Policies versus Procedures, your Policies are made up of a brief description of the rules your organization has defined to meet HIPAA requirements. These Policies are then supported by separate written Procedures, describing the steps your organization will take to comply with those Policies. While your Policies will seldom need to be adjusted, you must keep a close eye on your Procedures to make sure they remain sufficient to meet HIPAA requirements and to make adjustments whenever something significant occurs.

Your Policies and Procedures are more than just documents – in order to work, they actually have to become a part of your company culture.

Here are 5 things you can do to make your Policies and Procedures a part of your culture:

  1. Develop checkpoints throughout the year and assign responsibility to key individuals within your facility to maintain adherence among your entire staff.
  2. Provide documentation of how the Policies and Procedures are being enforced; like pages from your Visitor Log Book or Server Room Sign-in Sheet.
  3. Review established checkpoints on a monthly and quarterly basis for accountability.
  4. Look for updates throughout the year with HIPAA regulations and adjust your Policies and Procedures accordingly.
  5. Review your Policies and Procedures every year for any needed changes and take into account any new staff or staff that are no longer employed.

Keep in mind that your HIPAA Policies and Procedures are also what sets and defines your facility’s stance on security, proactive measures, periodic checkpoints for review, and disciplinary actions when needed. In addition, they define your facility’s responsibilities and obligations around protecting ePHI and outline the expectations for your staff in terms of meeting HIPAA Compliance regulations.

Lastly, making sure your staff abides by your HIPAA Policies and Procedures on a daily basis is now more critical than ever, as the Office of Civil Rights (OCR) has expanded their annual compliance enforcement audit program. The OCR has ramped up the search to find Covered Entities and Business Associates without the appropriate HIPAA Policies and Procedures in place, which could leave your facility at risk.

Simply having your Policies and Procedures on a piece of paper, stashed away in a filing cabinet is no longer enough. You need to bring your Policies and Procedures to life in order to fully protect your facility. To learn more about getting access to our templates for HIPAA Policies and Procedures, along with our HIPAA Compliance Services pertaining to IT, feel free to give us a call at (919) 929-3080 x 241.

YOURS FREE!

The 7 Most Critical IT Security Protections Every Business Must Have In Place. PLUS: Healthcare & Data Security chapter from the Bestseller, "Under Attack!"

Sign Up Now

Under Attack!

Now Available on AMAZON!

Recent Posts

Click here to view our recent posts.

Archives

Subscribe to Our Blog via Email

  • (919) 929-3080
  • (919) 929-3087
  • PCSsales@pc-net.com
  • PCSsupport@pc-net.com
  • Contact Us
    • Linkedin
    • Twitter
    • Facebook
Mailing address:
Progressive Computer Systems
615 Eastowne Drive
Chapel Hill, NC 27514
Directions

YOURS FREE !

The 7 Most Critical IT Security Protections Every Business Must Have In Place. PLUS: Under Attack! Book Chapter.
Sign Up Now for Your Free Chapter

HP Virtualization

© 2020 Progressive Computer Systems