No doubt, your organization has some sort of playbook in place to comply with the Health Insurance Portability & Accountability Act (HIPAA), but with the field of privacy and security changing daily, new risks abound. Some are driving down midfield; some are lurking on the sidelines, for now.
With more than a decade of HIPAA and its Privacy and Security Rules practice under our belts, you’d think that healthcare organizations would have the compliance part down cold. Unfortunately, that’s not the case. Much like that 250-pound defensive end, The Department of Health and Human Service’s Office for Civil Rights (OCR) is out there actively enforcing HIPAA every week. In 2014, the OCR tackled 14,293 enforcement resolutions and took corrective action on 3,472. That equates to more than nine every day of the year, proving that there is no off-season when it comes to HIPAA!
Whether you look at these risks as threats or opportunities, there are three things you can do now to enhance your existing HIPAA compliance efforts.