With the sweeping changes that came about as a result of the HIPAA Omnibus Rule (due in place in all healthcare facilities by September 23, 2013), there are some definite items you will want to have ready for any impromptu HIPAA audit. As of January 2014, a federal HIPAA taskforce has been out and about enforcing the new HIPAA Omnibus Rule. Non-compliance can result in hefty fines (ranging from $10K-1.5M) and a HIPAA audit that can range from 3 – 18 months’ time, continually managed by the HIPAA auditor. Don’t get caught unprepared!
Here are our top 10 recommendations to look good during any audit.
1. Have your team trained to HIPAA Omnibus Rule Standard with proof-of-training
2. Have a new HIPAA manual written to the new Omnibus Rule Standard
3. Have required Business Associates Agreement signed by your vendors and on file
4. Update and utilize a new Patient Acknowledgement Form written to the New Omnibus Rule Standard
5. Display the new Notice of Privacy Practices in your office and on your website
6. Complete your Data Backup and Contingency Plan in written format
7. Make sure you are encrypting outgoing email
8. Make sure your data backup is offsite and encrypted (cloud offsite streaming is preferred)
9. Implement all protocols regarding Protected Health Information (PHI) within your office
10. Get help from an expert HIPAA coaching service if you are overwhelmed
Don’t wait for that dreaded phone call or visit from a Federal HIPAA Auditor. Make sure you choose a HIPAA coaching service that will give you comprehensive training protocols. We love the comprehensive 2014 HIPAA Omnibus Rule Complete Compliance Package. Get hip to HIPAA; it’s the law!
Written by Jill Obrochta and Heather Whitt