The HIPAA Compliance 10 Step Plan


The 10 Step Plan for Health Information Privacy and Security, published by the U.S. Department of Health and Human Services, offers a framework for understanding the HIPAA Privacy and Security Rule requirements and sets out an order in which to work through them.

If you think of the HIPAA law as a book, each step is a chapter.

Here are the steps, each followed by our interpretation of what it means:

  1. Confirm you are a covered entity: Understand the breadth of HIPAA

  2. Provide leadership: Appoint a chief or two, or a whole squad

  3. Document your process, findings and actions: Specify what, why and where

  4. Conduct a security risk analysis: Think ahead, like a detective

  5. Develop an action plan: Plot steps with the resolve of thwarting thieves

  6. Manage and mitigate risk: Don’t slack; stay vigilant

  7. Prevent breaches: Train staff to be enforcers

  8. Communicate with patients: Make sure they know their rights

  9. Update or execute Business Associate Agreements (BAAs): Hold Business Associates accountable

  10. Attest for the security risk analysis Meaningful Use objective: Transform daily communications; prepare for a data-driven health system
