Second is patient rights to their records. There are new requirements for electronic records. These requirements are often not being followed by practices subject to HIPAA regulations. If you have had a breach of patient data security and either don’t know it or have simply disregarded it, you could have critical problems during an audit. Data breach notification regulations have changed since 2009 and the OCR will want to know that you have a clear policy in place for data breach notifications.
We won’t list myriad examples of fines incurred by audit failure. We believe you understand the risk. You should know, however, that it is relatively easy for anyone to file a complaint on-line through the Office for Civil Rights. What you may not understand – and where we can help you – is the technical preparation necessary for a HIPAA audit. So let’s briefly describe what is needed and what is involved.
Data Encryption and Data Security
Data travels. By that we mean that a significant amount of work by employees is completed at home or on the road through the use of portable laptop computers. These devices can sometimes be misplaced or stolen. In addition, hackers can worm their way into data held within a medical practice or facility. In either situation, the need to have all data encrypted is critical. Encryption is coded data that is not accessible except by the owner or custodian: in this case a doctor’s practice, a medical or surgical facility, even a pharmacy.
Encryption not only protects patient data, but it protects the Covered Entity against having to report a lost or stolen device. Encryption is much less expensive than HIPAA penalties. You probably don’t know how to encrypt medical data and make it secure. We, at Garner IT Consulting, do. That’s our job: to encrypt and secure your patients’ data so that you can go about your job of healing them.
Here’s How to Prepare Now and Be Ready for an Audit with NO PROBLEMS
- Immediately schedule a thorough and accurate Security Risk Analysis. Couldn’t you do your own and save money? But the U.S. Department of Health and Human Services has stated this for guidance: “Doing a thorough and professional risk analysis that will stand up to a federal compliance review will require expert knowledge that can be obtained through services of an experienced outside professional.” With Garner IT Consulting, we’ll get you ready, keep you ready, and be there when the auditors arrive. That’s our guarantee; That’s your security!
- Fix the problems identified in the Security Risk Analysis. HIPAA laws are targeted at risk management for two reasons. First, security. Security of your patients’ records. Second, compliance. Compliance is how the feds know those records are secure. Even if there have been years of neglect, better to update and fix those problems now. We’ll help you do it in the MOST COST EFFECTIVE WAY, because we know HIPAA compliance isn’t the only concern that you have.
- Encryption is one of the first starting points. Let’s get all of your data encrypted…so it is protected.
- Then let’s review and improve (if necessary) your Notice of Privacy Practices statement. Let’s also have a close look at your Business Associate Agreements. And we will also carefully examine your Data Breach Notification policies and procedures.
At Garner IT Consulting, we know HIPAA. We are ready to help you today. Just give us a call and we’ll set up a FREE consultation to show you how our HIPAA Security Services program works. In addition, here is an important TIP: Let your staff know that a letter from the federal government’s OCR could arrive in the mail requesting audit materials. Odds are it won’t arrive soon, but you would not want to miss such an important, time-sensitive document.
At Garner IT Consulting, our business is more than just business. We look out for our Bay County and Northwest Florida friends and neighbors. It just happens that IT Consulting is our professional specialty. Give us a call at 850.588.3540 or drop by our offices at 1330 Harrison Avenue, Panama City, Florida. We will evaluate and prepare your records so that you’ll be completely ready for any HIPAA audit. That’s the security your looking for! That is the service that we can provide.
Best wishes from Randall and Julie Garner and the entire Garner IT family