Privacy and security primer: Tips from the August 2014 issue of Briefings on HIPAA
HIM-HIPAA Insider, August 18, 2014
Want to receive articles like this one in your inbox? Subscribe to HIM-HIPAA Insider!
- Get back to basics and pinpoint what risk analysis, assessment, and management truly mean so you can adequately identify current risks and protect your organization from potential breaches.
- The terms risk assessment and risk analysis are often used interchangeably, but are in fact two different things.
- A risk assessment is part of an overall risk management program and should be an ongoing process.
- A combination of checklists, forms, and ongoing walk-around security reviews can often help with an assessment, but won't suffice for your analysis.
- A risk analysis is more in depth than a risk assessment—but just because it needs to be in-depth doesn't mean you should make it overly complicated.
- Risk assessment and analysis lead to risk management, and confusing the steps or skipping some of them can be costly.
- When identifying risks, be aware of all of the federal and state requirements with which healthcare organizations must abide.
- A risk analysis must be tailored to meet the needs of your organization and should be based on its size, complexity, and capabilities.
- If making sense of each and every definition and concept in the HIPAA Omnibus Rule seems overwhelming, just remember you're not alone. Your peers in privacy, security, and even IT may be feeling the pressure as well.
- Although security officers facilitate the risk management process, they must present their findings to senior leaders so the process of implementing or updating controls can be approved.
Continue reading "Privacy and security primer: Tips from the August 2014 issue of Briefings on HIPAA" on the HCPro website. Subscribers to Briefings on HIPAA have free access to this article in the August issue.
Want to receive articles like this one in your inbox? Subscribe to HIM-HIPAA Insider!
Related Products
Most Popular
- Articles
-
- Don't forget the three checks in medication administration
- Five ways to safeguard your patients' valuables
- Note similarities and differences between HCPCS, CPT® codes
- The consequences of an incomplete medical record
- Q&A: Primary, principal, and secondary diagnoses
- Skills of effective case managers
- OB services: Coding inside and outside of the package
- Nursing responsibilities for managing pain
- Practice the six rights of medication administration
- Reimbursement for Facility and Professional Services in a Provider-Based Department by Gina M. Reese, Esq., RN
- E-mailed
-
- Plan of Care Supports Documentation of Homebound Status
- Q/A: Coding infusions to correct low potassium levels
- Note from the instructor: CMS clarifies billing guidelines on proper billing for drugs in a single-dose or single-use vial, including billing for discarded drugs
- Neurological checks for head injuries
- Modifiers and medical necessity
- HIPAA Q&A: Cameras in patient rooms
- Follow these tips to properly report bladder catheter codes
- Examine cardboard boxes stored on floor to avoid infection control, life safety citations
- Differentiate between types of wound debridement
- Consider two options for coding Rho(D) immune globulin given in pregnancy
- Searched