In a recent piece for the Dell Power More site, Shelly Kramer identifies the four main "rules" of HIPAA that each signal different issues for healthcare entities. While these come with their own restrictions and necessary practices, they also can be seen together as the key areas where providers and partners need to act for greater compliance. These individual components are the Privacy Rule, Security Rule, Breach Notification Rule and Patient Safety Rule.
To healthcare IT professionals, these names may be relatively self-descriptive, but each one has limitations that govern when it applies. The Patient Safety Rule, for example, specifically pertains to situations where patient information would be used for studies or research.
Combining proper knowledge of all of these tenets is necessary for a practice that satisfies all concerns. Following breach notification guidelines, for example, still holds even if an organization has made an effort to meet all existing security protocols.
LW Consulting can help providers by performing a HIPAA compliance audit, based on entity type, that measures readiness and assesses the level of compliance with the OCR Audit standards.
Last month, Jocelyn Samuels of the Department of Health and Human Services Office for Civil Rights highlighted the importance of a comprehensive approach to HIPAA, in light of a $218,000 settlement involving St. Elizabeth's Medical Center.
"Organizations must pay particular attention to HIPAA's requirements when using internet-based document sharing applications," Samuels said in a bulletin. "In order to reduce potential risks and vulnerabilities, all workforce members must follow all policies and procedures, and entities must ensure that incidents are reported and mitigated in a timely manner."
HIPAA violations can represent a serious gap in an organization's current compliance framework. LW Consulting can help providers by performing a HIPAA compliance audit, based on entity type, that measures readiness and assesses the level of compliance with the OCR Audit standards.