When comparing the HIPAA Rules – Privacy, Security, Omnibus and Breach Notification – to a half marathon, think about the following areas that must be taken into account to succeed in the “race”.

  1. Choose a “training plan” that fits your life, or organization. HIPAA was created to have some flexibility with implementation and compliance, as no two organizations are identical.
  2. Focus on mileage. When putting together a HIPAA compliance manual, along with policies and procedures and training for staff (HIPAA, security awareness, cybersecurity best practices), be consistent, taking baby steps in order to reach the desired outcome.
  3. Stay strong. When it comes to HIPAA compliance there are requirements, addressable issues and implementation specifications that need to be put in place and will most likely involve other departments within the organization. Enlist them for assistance and don’t take no for an answer.
  4. Don’t be a one-pace pony. Maintain your ability to pick up the pace when it matters, especially when areas of high priority come first. If that means completing or updating the Disaster Recovery Plan and testing it, given the cybersecurity incidents occurring, ensure it is at the top of the list and addressed.
  5. Find your pace. By organizing, setting an outline for HIPAA compliance within your business, and staying on task with completing policies and procedures and adding security measures for systems and applications as well as the physical environment, you will achieve HIPAA compliance at a natural tempo.

Stay tuned for HIPAA 26.2!

HIPAA compliance isn’t a one-time checklist. It’s ongoing, programmatic in nature, and requires demonstrated reasonable diligence to stay in good standing with the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR). Anatomy IT can provide you peace of mind with our expert HIPAA compliance services. To learn more, contact us here.