What key players outside of IT should be on my HIPAA compliance team?
HIPAA Weekly Advisor, November 15, 2004
Want to receive articles like this one in your inbox? Subscribe to HIPAA Weekly Advisor!
I see a lot of organizations where HIPAA security compliance becomes an IT project. It definitely shouldn't be. Certain IT components must be in place to support certain initiatives, but for information security and HIPAA compliance success, HIPAA security must be pervasive throughout the organization.
This begins with upper management support, which hopefully most covered entities have by now. Without this support, you may have trouble getting buy-in from other departments. You should also include on your security committee a representative from every major department at your facility. The human resources, legal, and operations functions especially need to be involved.
Once you get the committee together (certainly not an easy task) and work toward common goals, there shouldn't be a single person in the organization who has access to PHI who is not at least familiar with basic computer security vulnerabilities.
Editor's note: This question was answered by Kevin Beaver, CISSP. This is not legal advice. Consult with your facility's legal counsel for legal matters.
Want to receive articles like this one in your inbox? Subscribe to HIPAA Weekly Advisor!
Related Products
Most Popular
- Articles
-
- HIPAA Q&A: Flu shot requirement for hospital employees
- Running an effective peer review committee meeting
- HealthDataInsights posts new issues for medical necessity claims
- Sneak Peek: Effort underway to establish caseload benchmarks
- Q/A: Coding for telescopic intraocular lens
- New FAQ posted on storing laryngoscope blades
- Tip: Perform your own internal investigation prior to government audit
- HIPAA 5010 deadline extended, but threat remains, says AMA
- HHS task force: Consider privacy, security with text messages
- What does case-mix index mean to you?
- E-mailed
-
- Running an effective peer review committee meeting
- HIPAA Q&A: Flu shot requirement for hospital employees
- HHS task force: Consider privacy, security with text messages
- What does case-mix index mean to you?
- Q/A: Coding for telescopic intraocular lens
- Q/A: Correct use of modifier -PT
- Tip: Correctly code bilateral pain management procedures
- "Wall fountains" may be spreading Legionnaires to patients, visitors
- 2012 CPT code changes for ASCs: Shoulder and knee scopes and pain management
- Case Management Monthly, March 2012
- Searched