PRO+ Premium Content/Pulse

Thank you for joining!
Access your Pro+ Content below.
May 2014

ONC's six ways to avoid surprises during an unannounced HIPAA audit

Security may not be a sexy project for IT to get excited about -- until something goes wrong. The trick is getting the attention of healthcare IT executives before a data breach happens. At HIMSS 2014, ONC Chief Privacy Officer Joy Pritts provided some tips to stay on track compliance-wise and avoid penalties. Joy Pritts ONC Chief Privacy Officer The first and most important item on the list? A security assessment. Then, documentation of the assessment and what your organization is doing to address the risks it uncovers. Pritts offered tips for performing a risk assessment that could help prevent data breaches and make sailing smoother in the event of an unannounced HIPAA audit, which the U.S. Department of Health and Human Services (HHS) is now empowered to do under last year's final HIPAA omnibus rule: Forget your facility's size. Factors such as organizational size do not negate the need for a security assessment. HHS makes tools and resources available for all HIPAA-covered entities. Moreover, ONC is working on new tailored ...

Features in this issue

News in this issue

Columns in this issue