Critical Time-Saving Secrets to Avoid HIPAA Penalties in Your Practice!!

Q: Why do I need HIPAA management; we are doing well already?

A: Most practices think they are doing well because luckily, they have not had anything happen. But the truth is, without professional, thorough assistance, most small practices have underlying vulnerabilities that open them up to HIPAA violations and are completely unaware they even exist.

Q: How often should I have a HIPAA Risk Assessment?

A: Unfortunately, HIPAA doesn't really tell you how often you should have a Risk Assessment, but the rule of thumb is once a year and after any changes you make in your practice. For example, your EMR or anything related to your computer network. HIPAA contains a LOT of grey areas, making it SO important to work with someone who has experience.

Q: I have a small, one doctor practice, do I need to hire a HIPAA Security Officer?

A: HIPAA requires you to have someone that is responsible for HIPAA. You may not have to hire a person that only covers your HIPAA requirements, but the individual really needs to have a good understanding of your practice in general and at least 65% of their job needs to be focused on HIPAA. You also should find a good partner or consultant that can help you manage all things HIPAA. With many practices increasing the use of technology, the need for a trusted partner or consultant to help you manage all things HIPAA can make a HUGE difference. Do not try to do this alone, you’ll find yourself frustrated and unaware of many risks that the Office for Civil Rights could fine you on later.