By Jack Anderson
June 26, 2014
We get lots of requests for our free HIPAA compliance checklist, and we are happy to provide that service, but it does not take the place of documenting and measuring your ongoing compliance and demonstrating it with our Compliance Meter ®. Assuring and proving HIPAA compliance is necessary because there is no HIPAA certification process for organizations. The proof of HIPAA compliance is the responsibility of each covered entity and business associate. Your healthcare business partners have the right and the obligation to make sure that you are living up to your HIPAA responsibilities. Vendor risk management is becoming a hot topic in healthcare, and you can be assured that in the near future you will be asked to submit proof of your HIPAA compliance.
So how do you provide that proof? First, you have to show that you have a plan that is based on meeting the requirements. Second, you need to be not only executing the plan but also documenting your compliance activities. And finally, you need to have this information organized so that you can quickly and clearly present the evidence of your compliance to either a regulator or a business partner. It is somewhat like the difference between showing up for an IRS audit with complete and accurate files that allow you to back up all of your deductions and showing up with a box of random receipts. Making the auditor’s job easier will make the auditor view your compliance efforts in a better light. You need to be able to quickly demonstrate that you have policies, procedures, and forms written or edited specifically for your organization. You need a copy of your latest risk assessment, which should be less than a year old. You need proof of your employees’ training and awareness activities. The list goes on, but I think you are getting the point.
One of the beauties of a SaaS model such as ours is that, at a high level, you can show your Compliance Meter ® on your website as an “at-a-glance” view of your current level of HIPAA compliance. In addition, you can offer “drill down” views of your compliance by giving the auditor a read-only password that allows them to view all of your compliance activities. This complete transparency is tremendously reassuring to your business partners and clients.
Compare this with offering to show your business partner or client a copy of your HIPAA compliance checklist, and I think you can clearly tell which is superior.
Get compliant, stay compliant, and prove compliance with the HIPAAssure™ Compliance Meter ® from Compliance Helper.