As I wrote on Facebook and Twitter last week, The Office of Civil Rights (OCR) was busy sending letters out to covered entities. A total of 167 letters were emailed notifying the recipients that they are required to provide detailed information about their HIPAA Policies. An example follows:
If you were lucky enough to not receive this letter, then that’s good! BUT DON’T STOP PREPARING! The OCR has the authority to audit your HIPAA policies and plans at any time. Make sure you are ready and prepared for the next round.
Here is a list of areas to focus on:
- Dust off your latest HIPAA compliance assessment.
- Make sure your staff is properly trained! And they have current training certificates.
- Are your disks encrypted on all your PCs and Macs? Are passwords required to log in and screen savers enabled?
- Also, get your HIPAA Security and Privacy Plan audited! Show intent that you want to be compliant and get that plan updated.
Use this time to get your HIPAA ship in order, because you could be selected in the next batch. We are here to partner with you and help get you get compliant. We can do this together!