Is your dental office ready for a HIPAA Audit? Do you know what HIPAA Auditors will be looking for within your dental office?
HIPAA laws all changed as of September 23, 2013. The new HIPAA Omnibus Rules can be overwhelming, confusing and difficult to implement.
It’s important to get your entire team trained up on these new HIPAA Omnibus Rules and also be aware of what HIPAA Auditors will be checking for at your dental office. Finding a HIPAA Compliance Training Company that will provide comprehensive insight on these new HIPAA laws is critical. Listed below are HIPAA Auditors top (6) favorite finable HIPAA offenses:
1. Implementing all new HIPAA Omnibus Rules within your office— This means having all new forms and written policies to the new HIPAA Omnibus Rule standard in place and functioning within your dental office. This will include: new Patient Forms, New Proof-of-Employee Training and even new Vendor Confidentiality Agreements to protect your patient’s private information.
2. New HIPAA Manual written to the new Omnibus Rule Standards— With HIPAA laws changing to this new Omnibus Rule Standard all of your HIPAA required forms and policies within your HIPAA Manual will need to be revised and updated. Best to update and obtain a new one. Also, keep in mind that several forms will need to be updated for patients, employees and vendors with regards to HIPAA.
3. New HIPAA Omnibus Rule Forms— As aforementioned, you will need new forms for all patients to sign, a new notice of these HIPAA Omnibus Rules, and Business Vendors as well as Employees will need proof-of-acknowledgement that they understand how to handle and protect Patient Protected Heath Information (PHI).
4. Daily Data Back-Up & Contingency Requirements— This is a grey area that leaves a lot to interpretation. But it is also one of the first areas that a HIPAA Auditor will look into. Make sure you understand how to best have your data backed-up to the standard: “Off-Site & Encrypted”. Best Practices will have you backing up to a cloud that is either “live-cloud streaming” or “snapshot” of your important business and patient data. Talk to a HIPAA internet expert to make sure you get this one right!
5. Encryption on Out-Going Emails from your office— If your office uses outgoing email accounts like: Gmail, Hotmail, Yahoo or Aol, and you send patient info within these emails, you will need to add an encryption software to your outgoing emails. Your current dental software provider, dental supplier or IT tech can help you secure this HIPAA required service. Good news is that is does not cost much. Usually just $2-$3 per month.
6. Updates to your Microsoft XP Software— As of April 8, 2014 dental offices using Microsoft XP will no longer be HIPAA compliant. Microsoft will stop providing free updates forcing dental offices to comply with the new Federal Standards. If you are using computers within your dental office, you must have HIPAA compliant software operational within your office. Upgrading to Windows 7 or 8 will do the trick. These are written to the new HIPAA compliance standard.
How do you feel now? Are you HIPAA Auditor ready? If not, stop stalling! Find a HIPAA Expert that can help you scrutinize your HIPAA protocols and provide all of the forms, training and guidance you will need. Get “hip” to the new HIPAA Omnibus Rules.
Written by Jill Obrochta and Heather Whitt of Dental Enhancements.