By Jack Anderson
April 6, 2015
It is not just electronic patient records that need to be protected but also paper records. And you don’t have to worry only about your staff but also your business associates. Not only do you need a written business associate agreement defining the terms of their compliance activities you need to follow up and make sure they are living up to the agreement. The surest method is to ask them for a copy of their most recent HIPAA risk assessment not a HIPAA Checklist but an actual HIPAA risk assessment done to the NIST standards.
By the way, what is the date of your most recent HIPAA risk assessment? Periodic risk assessments followed up by a gap analysis of your risks and a plan to remediate those risks is a HIPAA requirement. Not only for you but also for your business associates.
Remember, in my last blog I talked about a study that showed that 65% of patients would consider leaving a practice that had a HIPAA breach. That makes the $12,000 look puny by comparison.
I don’t know the size of Dr. Beck’s practice but if it is a small practice they could get HIPAA compliant, stay compliant and prove compliance for as little as $19.95 per month. Take a look at www.compliancehelper.com or shoot me an email at Jack@compliancehelper.com