A comprehensive privacy and security program consists of written policies, standards, training, technical and procedure controls, risk assessment, auditing and monitoring, and the assignment of privacy- and compliance officers who are responsible for the management of the above. The privacy officer serves as the central person who is responsible for overall coordination of policies and procedures of the organization. Entities subject to HIPAA should also review their employee training programs, and determine whether it is time for updated training. The current privacy and security rules require covered entities to train workforce members as well as provide periodic security reminders. It is critical to sensitize employees to the potential consequences of improper uses or disclosures of PHI. As illustrated in this article, PHI must be handled with great care, and entities must respond to OCR inquiries adequately. Increased enforcement activity reemphasizes the need to take HIPAA compliance seriously.
Download full-text PDF |
Source |
|---|
Publication Analysis
Top Keywords
Similar Publications
Want AI Summaries of new PubMed Abstracts delivered to your In-box?
Enter search terms and have AI summaries delivered each week - change queries or unsubscribe any time!