By Aris Medical Solutions
HIPAA encompasses many aspects. Risk assessments, risk management, and your policies, procedures, documentation are the backbone of compliance.
Most medical providers don’t think about compliance until they are audited. By that time it is too late to mitigate any issues that you may have. The main misconception is that “it will never happen to me”.
A random audit is possible but relatively a low probability. A compliance audit is typically initiated by a disgruntled employee, a patient that feels their privacy has been violated, or a data breach. Once the HIPAA violation is reported then the Office for Civil Rights (OCR) will determine if the complaint will need to be investigated. If it does, depending on the documentation that you provide, will determine whether or not a desk audit will be issued. This is where your policies and procedures are critical. If your employees understand what they need to do, how to do, and what needs to be documented, your chances of a desk audit is greatly reduced. The OCR understands that people make mistakes, but if you don’t learn from them, they will fine you heavily!
Note to self… if you recognize a problem, address it, correct it, and learn from it.
You can survive a audit with proper documentation!
For more information on how Aris Medical Solutions can help your organization with HIPAA Compliance and Protecting your Data click here call 877.659.2467.
“Protecting Organizations through Partnership, Education, and Support”
