DOTmed Home MRI Oncology Ultrasound Molecular Imaging X-Ray Cardiology Health IT Business Affairs
News Home Parts & Service Operating Room CT Women's Health Proton Therapy Endoscopy HTMs Pediatrics
SEARCH
Current Location:
>
> This Story


Log in or Register to rate this News Story
Forward Printable StoryPrint Comment
advertisement

 

advertisement

 

Health IT Homepage

Healthcare devices vulnerable due to legacy Windows operating systems: survey As Microsoft phases out old products, the install base remains

Verasonics settles legal dispute over software with SuperSonic Imagine Alleged patent infringement and misappropriate of trade secrets

Five tips for launching a successful virtual care program Telemedicine is revolutionizing the healthcare landscape

Surgical Theater showcases first 360-degree AR patient engagement solution Enables users to walk 'inside' specific anatomy of patient

Smart communication with real-time situational awareness can help hospitals counter safety risks

Lack of AI security puts IoT medical devices in danger of cyberattacks New report highlights evolving risks in healthcare

New DICOM design flaw spells potential risks for image storing and sharing Enables hiding, protection and spread of malware

HDOs: Address IoT security governance today for a more secure tomorrow Implementing a solid program is the best defense against attack

VisualDx to develop decision support platform for ultrasound in space Provide basic guidance on ultrasound interpretation

HHS releases second draft of TEFCA for nationwide interoperability Requirements for sharing electronic health information

Three recommendations to better understand HIPAA compliance

By Carol Amick

According to the United States Department of Health and Human Services, approximately 70 percent of organizations are not HIPAA compliant. The Health Insurance Portability and Accountability Act, known as HIPAA mandates industrywide standards for health care information and electronic billing, and requires protection, as well as confidential handling, of protected health information. According to HIPAA rules, any company that deals with protected information must have a physical network and process security measures that are followed to ensure compliance. It may be safe to say that many organizations are still perplexed about HIPAA audits, enforcements and compliance. As a result, the number of organizations that fail to meet compliance each year remain the majority. To begin understanding compliance, healthcare organizations would be wise to consider three key recommendations.
Story Continues Below Advertisement

THE (LEADER) IN MEDICAL IMAGING TECHNOLOGY SINCE 1982. SALES-SERVICE-REPAIR

Special-Pricing Available on Medical Displays, Patient Monitors, Recorders, Printers, Media, Ultrasound Machines, and Cameras.This includes Top Brands such as SONY, BARCO, NDS, NEC, LG, EDAN, EIZO, ELO, FSN, PANASONIC, MITSUBISHI, OLYMPUS, & WIDE.


1. Analyze the past, to avoid making the same mistake twice
It is important for hospitals and healthcare facilities to look at some of the common mistakes that are repeatedly noted in HIPAA security reviews. HIPAA states that out of all the reviews completed, there are a number of frequent compliance violations and issues that are found each year. This includes impermissible uses and disclosures of protected health information, lack of safeguards to protect health information, lack of patient access to their personal health information, lack of administrative safeguards on electronic protected health information, and use or disclosure of more than the minimum protected health information. Protecting valuable data by analyzing past mistakes is an important step in the compliance process.

2. Perform a risk assessment and GAP analysis
One preventative measure in assessing an organization’s compliance with HIPAA is a risk analysis and a GAP analysis. The confusion and lack of understanding around the two examinations has been common among healthcare professionals in the marketplace for some time. Not understanding the differences can be detrimental to an organization, and puts it at a significantly higher risk. According to HHS and OCR guidelines, all healthcare organizations must specifically conduct a risk analysis to be deemed within HIPAA compliance.

A HIPAA GAP analysis can be used to measure the organization's information security standing against HIPAA, which is part of HHS audit protocol. Comparing the organization’s current practices to the HHS OCR audit protocol will identify the strengths and weaknesses of the security program. From there, the organization can determine whether they have reasonable and appropriate administrative, physical and technical safeguards in place to protect patient health. Performance of the GAP analysis also allows the organization to develop an audit response toolkit, which includes the data and documentation that would be able to support compliance with the HIPAA regulations to regulatory agencies.

  Pages: 1 - 2 >>

Health IT Homepage


You Must Be Logged In To Post A Comment

Advertise
Increase Your
Brand Awareness
Auctions + Private Sales
Get The
Best Price
Buy Equipment/Parts
Find The
Lowest Price
Daily News
Read The
Latest News
Directory
Browse All
DOTmed Users
Ethics on DOTmed
View Our
Ethics Program
Gold Parts Vendor Program
Receive PH
Requests
Gold Service Dealer Program
Receive RFP/PS
Requests
Healthcare Providers
See all
HCP Tools
Jobs/Training
Find/Fill
A Job
Parts Hunter +EasyPay
Get Parts
Quotes
Recently Certified
View Recently
Certified Users
Recently Rated
View Recently
Certified Users
Rental Central
Rent Equipment
For Less
Sell Equipment/Parts
Get The
Most Money
Service Technicians Forum
Find Help
And Advice
Simple RFP
Get Equipment
Quotes
Virtual Trade Show
Find Service
For Equipment
Access and use of this site is subject to the terms and conditions of our LEGAL NOTICE & PRIVACY NOTICE
Property of and Proprietary to DOTmed.com, Inc. Copyright ©2001-2019 DOTmed.com, Inc.
ALL RIGHTS RESERVED