By Art Gross, President and CEO, HIPAA Secure Now!
Twitter: @HIPAASecureNow
Read other articles by this author
Let’s wrap up 2022 with some end-of-year tasks you’ll want to check off of your list if you’re in the business of healthcare!
Training Program
HIPAA compliance requires a training program. This means ensuring that your existing staff has completed their training annually and making sure that any new hires have been trained as well.
Have you put your 2023 HIPAA Training program in place yet? Contact HIPAA Secure Now to do that for you – one less thing on your to-do list! We cover HIPAA and cybersecurity so that your team is ready to fend off the increasing threat of cybercrime. Healthcare remains a target and offsetting the risk of a breach is a necessity in the healthcare industry landscape.
Certifications & Licenses
Is your staff current on all their required certifications and licenses? If you don’t have a log of who has what, and when the renewal or expiration is for everyone, create one now. Use calendar invites and reminders to keep everyone in the loop and up to date.
Review which programs you use and those that have been updated to include new material or additional certifications. Is there a new service that you’d like to include for your patients? Make sure that you are ready not just with the right equipment, but also with the right team members that can provide the service safely.
Consider adding a cybersecurity training certification requirement to your existing hires and any new hires that you add moving forward.
Legally Speaking
Did your state, local, or even Federal government create new rules, regulations, laws, or guidelines? Are they applicable to how you do business and your industry? Do you report to a parent company that has created new policies and procedures that will affect you? If so, are you in a clear understanding of those, and have you reviewed how to adjust your business? Have you relayed the updates to your team? HIPAA Secure Now can help you with this when it comes to new your HIPAA program.
Security Risk Assessment
Perhaps one of the biggest tasks that you will tackle is your Security Risk Assessment or SRA. Factors surrounding your business have likely changed in a calendar year and should be reviewed. Doing this on an annual basis allows you to review what went well, or what didn’t, and how to remedy any areas that need addressing. This includes risk assessments that capture potential HIPAA violations or risk factors within your business environment. This is a requirement for covered entities as well as business associates. Administrative, physical, and technical safeguards should be included in the SRA. Don’t look at this in a negative way, or as a burden to bear – this is a huge benefit to your business! Finding issues before they become problems is one of the best things any business can do for its success.
Telling the Team
Draft an end-of-year notice to your team that underlines their involvement in successfully completing these tasks. This is an ideal opportunity to remind them of certification and license renewals, training, company policy changes, and even company holiday dates so that you can all move into 2023 informed and on the same page. It is the group effort that keeps your business running efficiently and also which keeps it safe and secure.
This article was originally published on HIPAA Secure Now! and is republished here with permission.