Paubox blog: HIPAA compliant email made easy

One Major Part of HIPAA You May Be Missing

Written by Rick Kuwahara | July 30, 2015

The following post is a guest post contributed by Accountable, a HIPAA compliance startup focused on helping organizations manage the administrative elements of HIPAA.

 

 

Following the HHS guidelines to be HIPAA compliant is one of the most important steps an organization that interacts with PHI (protected health information) can take. You not only avoid potentially expensive penalties, but you can use HIPAA compliance as a way to market yourself and let your customers know that you value their privacy as well.    

 

One area of HIPAA compliance that is often overlooked are the Administrative Safeguards. Organizations need to accomplish the following to be compliant with the Administrative Safeguards:

  • Employee HIPAA Training - Organizations must provide an ongoing training to employees. Employees that have access to PHI, even if they do not access it on a daily basis, must complete training.
  • HIPAA Policies and Procedures - Policies and Procedures specifically state how an organization will operate to be HIPAA compliant. This outlines actions such as uses of PHI, how information is restricted, and what to do in the event of a breach.
  • Annual Risk Assessment - HHS requires organizations to go through an annual risk assessment. This can be a self assessment, or through a third party. Regardless, one does need to be done.
  • Assign a Privacy Officer - Organizations must have at least one person assigned as the ‘Privacy Officer’. This person is in charge of managing the organization’s compliance and the point of contact for breach notification.
  • Business Associate Agreements - Business Associate Agreements, or BAAs need to be signed and in place with any partner or organization that PHI is shared with.

 

What should you do if you realize there are Administrative areas where you are not compliant? There are a few different routes you can go. You can look at hiring an outside consultant or lawyer, however these options can be very expensive and may not be feasible for smaller organizations. Another route is the emergence of SaaS platforms to help guide companies in staying compliant. Accountable HQ, coined as “The TurboTax for HIPAA Compliance”, is an example of an online service that helps Covered Entities and Business Associates become HIPAA compliant. You can sign up for a free trial of Accountable HQ here or contact support@accountablehq.com with any questions regarding the service. If you use the coupon code ‘PAUBOX’, you will receive 10% off your first year of service.

 

About Accountable

 

Accountable was founded in 2013 by Kevin Henry and Keith Gee, who have combined years of experience in healthcare and law to build the leading solution in HIPAA compliance. 

Accountable is a HIPAA compliance startup focused on helping organizations manage the administrative elements of HIPAA.

If interested in learning more please visit

http://accountablehq.com

or

email chris@accountablehq.com.