In November 2011, the Office for Civil Rights began conducting HIPAA compliance audits. With fines for non-compliance often topping $1 million, it’s vital that your company is prepared:
- Ensure all your HIPAA-related policies and procedures are updated and compliant. Also think about other documentation an auditor may request, so that you can prepare it now.
- If you haven’t already, identify all vendors that handle protected health information and negotiate business associate agreements with each.
- Covered entities are required to periodically conduct a formal risk analysis. If you haven’t done one in the past year, do one now and document the entire process in case of an audit.
- Covered entities are also required to formally evaluate their program to ensure HIPAA compliance and compliance with recent changes suchas the HITECH Act. If you haven’t done this type of evaluation, do so now, document the process, and make changes to your policies and procedures as necessary.
- Make sure your employees are properly trained on HIPAA-related requirements and practices.
- An auditor will ask which individuals in your company can speak to each aspect of HIPAA implementation. Identify these subject matter experts and ensure they are properly trained.
- Explain the importance of timeliness to whoever may receive the initial audit communications—deadlines are generally short.
- You may also consider consulting with an attorney to ensure your company is complying with all HIPAA provisions and not at risk of crippling fines for noncompliance.
A recent survey by the Society for Human Resource Management about social media in the workplace revealed the following:
- 68 percent of organizations use social media for external communications, marketing or recruiting.
- The departments most likely to use social media on their company’s behalf were HR, marketing and public relations.
- The most popular social websites for external communications were Facebook®, LinkedIn® and Twitter™.
- 73 percent of respondents said their organizations do not offer social media training for employees who use social media for business use.
If your company has not yet joined the social media movement, consider looking into its many benefits for business. And whether you’re a social media beginner or veteran, be sure your company protects itself with comprehensive social media policies and employee training.
Download the pdf
