5 Steps Toward HIPAA Security

Ensuring security of electronic personal health information (PHI) is tough. A more stringent HIPAA Security Rule and news of PHI breaches raises anxiety in billing offices.

Healthcare IT News recently interviewed Mahmood Sher-Jan, vice president at ID Experts. In a copyrighted story, “5 Best Practices for HIPAA Security”, he shares these tips:

2017-code-book-bundles-728x90-01

  1. Take a PHI inventory. Sher-Jan told Healthcare IT News an accounting of every element of PHI an organization holds proves a valuable starting point. This helps to identify all the information that needs to be secured.
  2. Perform a HIPAA security evaluation. Sher-Jan recommends evaluating your organization’s security policies and procedures to assure they’re up-to-date. This means reviewing them for security in anticipation of external and internal events and changes.
  3. Conduct a HIPAA risk analysis. He suggests assessing the risks and vulnerabilities to the integrity of electronic PHI. Identify the threats, including those of emerging electronic media such as social media.
  4. Have a mitigation plan in place. Determine preventive measures to protect your electronic PHI. Have a compliance and mitigation plan that includes all aspects of the HIPAA Security Rule.
  5. Create an Incident Response Plan (IRP). Sher-Jan says this is the best way to meet HIPAA and HITECH requirements.

Latest posts by admin aapc (see all)

Leave a Reply

Your email address will not be published. Required fields are marked *