What You Should DoBy Deborah Gage | Posted 2004-04-01 Email Print
Medical institutions have a lot of work to do to comply with the Health Insurance Portability and Accountability Act's security provisions by next April.To Meet HIPAA">
What You Should Do To
MEET HIPAA SECURITY REQUIREMENTS
ASSESS YOUR RISKS.
Get help to see where your network is vulnerablephysically, administratively and technically.
WRITE A SECURITY POLICY.
Who has access to what information? Should all employees be allowed to see autopsy reports?
CREATE OFFICE TO MANAGE PROJECTS.
Designate a person to keep track of compliance and its costs.
Figuring out the steps will help you find compliance holes. It'll also help you explain your actions in case you get sued.
Sources: Steven Weil of Seitel Leeds & Associates, Jon Bogen of HealthCIO.