• E-mail
• Print
• RSS

PPV: Prepare for a security audit

EHR Connection, June 16, 2008

The secret to handling a potential security audit is preparation. So, prepare your policies and procedures. Prepare your documentation. Prepare your systems and your staff. Discover where your problems are pronto, because the HIPAA security rule could come knocking at your door—and it had better be password-protected.

“Being audit-ready isn’t one of these two-minute drills where everybody is rushing around. [An organization] should be audit-ready at all times, especially in today’s environment, where we have more and more electronic interchange of information and where there is increased consumerism in healthcare and hyped media coverage of privacy and security breaches,” says John C. Parmigiani, MS, BES, president of John C. Parmigiani & Associates, LLC, in Ellicott City, MD, and chair of the governmentwide team that created the security rule, and a speaker during the April 9 HCPro audioconference, “HIPAA Security Rule Enforcement: Prepare for an Audit at Your Facility.”

It is more important than ever to secure your healthcare information—and not simply because of looming CMS or Office of Inspector General (OIG) audits. Often, it is the chance that your facility could experience bad PR that frightens covered entities the most. “No one wants to have a 60 Minutes moment or a headline in The New York Times,” says Parmigiani.

Click here to learn more about protecting information in a changing technological environment.

The cost is $10. Briefings on HIPAA subscribers can sign on for free access.

• E-mail to a Colleague
• Print
• RSS
• Archive