Let’s talk about HIPAA Gap Assessments. First of all, what is it? HIPAA stands for Health Insurance Portability and Accountability Act. HIPAA (not HIPPA) requires organizations that handle electronic protected health information (another abbreviation for you: ePHI) to ensure that this information remains secure.
This is relevant for all of us – anyone who has seen a healthcare professional will have protected health information some place, and you don’t want it falling in the wrong hands. I remember in the old days going in for an annual exam and seeing the names of other patients with their respective diagnoses, plainly visible for all to see. Not that I knew any of these people, but what if I did?
The first step in HIPAA compliance is to assess the current state of an organization’s HIPAA readiness. We’re looking for administrative, technical and physical safeguards that are required by HIPAA and its HITECH updates. Any gaps have to be addressed.
Sidebar on HITECH: The Health Information Technology for Economic and Clinical Health (HITECH) Act, enacted as part of the American Recovery and Reinvestment Act of 2009, was signed into law on February 17, 2009, to promote the adoption and meaningful use of health information technology. (from the U.S. Dept. of Health and Human Services)
Some benefits of a HIPAA Gap Assessment:
- Gain an understanding of your organization’s compliance to the HIPAA Security Rule
- Identify and document a remediation plan that defines clear steps to attain HIPAA compliance
- Achieve credibility with customers, investors, partners, and creditors
- Demonstrate due care in your organization’s efforts to manage risk and compliance
Sr. Account Executive