HIPAA BEST PRACTICES

HIPAA Complaints Received by HHS Chart

• Enlist Professional Help – Someone who understands HIPAA/HITECH for legal review and advice.
• Employers with hazardous chemicals in the workplace must develop and implement a written hazard communication program and train employees on the hazards they are exposed to and proper precautions (and a copy of safety data sheets must be readily available). See the OSHA page on Hazard Communication.
• Conduct an annual risk assessment of systems and processes for handling/disposal of PHI (Protected Health Information).
• Conduct frequent testing and vulnerability scans on systems and computers.
• Make sure frequent penetration testing is completed and documented making proper corrective actions.
• Educate employees about HIPAA requirements and the importance of protecting the information.
• Encrypt all laptops including your personal one in case a staff member emails you or you access something from home. Remember PHI includes name, address, date of birth, social security number.