{"id":17326,"date":"2015-07-16T15:36:04","date_gmt":"2015-07-16T19:36:04","guid":{"rendered":"https:\/\/www.glensfalls.com\/glensfallsbusinessjournal\/2015\/07\/business-report-are-you-prepared-for-a-hipaa-audit.html"},"modified":"2015-07-16T15:36:04","modified_gmt":"2015-07-16T19:36:04","slug":"business-report-are-you-prepared-for-a-hipaa-audit","status":"publish","type":"post","link":"https:\/\/www.glensfalls.com\/glensfallsbusinessjournal\/2015\/07\/business-report-are-you-prepared-for-a-hipaa-audit\/","title":{"rendered":"Business Report: Are You Prepared For A HIPAA Audit?"},"content":{"rendered":"<div class=\"img-left\">\n<div>\n<img loading=\"lazy\" decoding=\"async\" alt=\"josh koons adirondack tech c.jpg\" src=\"https:\/\/www.glensfalls.com\/glensfallsbusinessjournal\/wp-content\/uploads\/sites\/109\/2015\/07\/josh20koons20adirondack20tech20c.jpg\" class=\"aligncenter\" height=\"229\" width=\"150\">\n<\/div>\n<div class=\"img-caption\">Joshua S. Koons, director of business development, Adirondack Technical Solutions.\n<\/div>\n<\/div>\n<p>BY JOSHUA S. KOONS<\/p>\n<p>Are you HIPAA compliant? Do you need to<br \/>\nbe? Not sure? HIPAA security rules apply to all<br \/>\nhealth plans, healthcare clearinghouses, and to<br \/>\nany healthcare provider who transmits protected<br \/>\nhealth information (PHI) in electronic form, or<br \/>\nelectronic protected health information (ePHI).<\/p>\n<p>As the healthcare industry makes every effort<br \/>\nto stay current with technology, more regulations<br \/>\nare put in place to protect our personal data. With<br \/>\nthe passing of HITECH Act in 2009, the Office of<br \/>\nCivil Rights (OCR) is enforcing more HIPAA regulations<br \/>\nand handing out stiffer penalties than they<br \/>\never have before. In 2014, the OCR delivered over<br \/>\n$8 million in penalties to healthcare providers for<br \/>\nnon-compliant use and storage of personal date.<\/p>\n<p>The question is: How do you ensure that you<br \/>\nare staying compliant?<br \/>\nThe best practice that we can recommend<br \/>\nis to work with a qualified IT firm with a focus<br \/>\non cyber security. Today, your network not only<br \/>\nneeds to be reliable, fast, resilient and secure<br \/>\nbut, it also needs to be compliant. Work with a<br \/>\ncompany that has the tools to ensure your office<br \/>\nstays in compliance so that when you receive<br \/>\nnotice from the OCR that your audit is coming,<br \/>\nyou can rest easy.<\/p>\n<p>In addition, be sure that you have A Business<br \/>\nAssociate Agreements in place with all vendors<br \/>\nthat have access to PHI. This ensures that all<br \/>\nvendors you working with are adhering to all<br \/>\nHIPAA regulations. Lastly, having a third party<br \/>\nsecurity audit will not only show where you are<br \/>\nnot compliant but, it will also show your proactive<br \/>\napproach to staying in complaints.<\/p>\n<p>For some environments, this would be an ongoing<br \/>\nmonitoring of the environment, also known as<br \/>\nmanaged security. For others, a security assessment<br \/>\nmay be needed on a quarterly, semi-annual,<br \/>\nor annual basis depending upon the size and<br \/>\ncomplexity of the environment. Security assessments<br \/>\nare of great value but, at a very minimum<br \/>\nthe OCR recommends a few areas to focus on.<\/p>\n<p>The OCR has listed the most common errors<br \/>\nidentified among data breaches in a reports filed<br \/>\nhistorically:<\/p>\n<p>1. Risk analysis and management.<br \/>\nDo you have a plan that identifies all potential<br \/>\nrisks for compromising electronic or printed<br \/>\nPHI? When was the last time you reviewed it to<br \/>\nensure your policies and procedures address all<br \/>\nthe technology used by staff, from photocopiers<br \/>\nto smart phones? Do you know how often PHI is<br \/>\ntransmitted outside of the practice on a typical<br \/>\nday, and where it goes?<\/p>\n<p>2. Security evaluation.<br \/>\nNot taking proper precautions to safeguard<br \/>\nPHI when moving to a new office, installing or<br \/>\nupgrading equipment or software, can put protected<br \/>\ndata at risk. A security evaluation can help<br \/>\nidentify problems before they occur.<\/p>\n<p>3. Security and control of portable devices.<br \/>\nLost or stolen laptops, storage devices like<br \/>\nmemory sticks, and tablets containing unencrypted<br \/>\ndata, are the single most frequent cause<br \/>\nof data breaches.<\/p>\n<p>4. Proper disposal of data.<br \/>\nWhat happens with the patient data that no<br \/>\nlonger needs to be stored on a device? Your process<br \/>\nfor cleaning, purging and testing hard drives<br \/>\nbefore they are recycled or transferred to a third<br \/>\nparty should be well documented.<\/p>\n<p>5. Access control.<br \/>\nTake a walk through your office to see how<br \/>\nmany work stations stay on all day, even when<br \/>\nunattended. If you can see the screen, PHI on<br \/>\nthat computer may be visible to others.<\/p>\n<p>6. Training.<br \/>\nTrain new employees right away on policies<br \/>\nand procedures for appropriate and improper<br \/>\nuses of PHI, and the consequences of violating<br \/>\nthem for the organization and the individual.<br \/>\nIn the electronic age that we live in, businesses<br \/>\nare relying more and more on their data to be<br \/>\nelectronic. The protection of that data and the<br \/>\nsecurity of your network is critical to businesses<br \/>\npractices today.<\/p>\n<p>Koons is director of business development with<br \/>\nAdirondack Technical Solutions.<\/p>\n<p>Photo Courtesy Adirondack Technical Solutions<\/p>\n","protected":false},"excerpt":{"rendered":"<p> Joshua S. Koons, director of business development, Adirondack Technical Solutions.BY JOSHUA S. KOONS Are you HIPAA compliant? Do you need to be? Not sure? HIPAA security rules apply to all health plans, healthcare clearinghouses, and to any healthcare provider&#8230;<\/p>\n","protected":false},"author":88,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[9],"tags":[67,96],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v21.6 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\r\n<title>Business Report: Are You Prepared For A HIPAA Audit? - Glens Falls Business Journal<\/title>\r\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\r\n<link rel=\"canonical\" href=\"https:\/\/www.glensfalls.com\/glensfallsbusinessjournal\/2015\/07\/business-report-are-you-prepared-for-a-hipaa-audit\/\" \/>\r\n<meta property=\"og:locale\" content=\"en_US\" \/>\r\n<meta property=\"og:type\" content=\"article\" \/>\r\n<meta property=\"og:title\" content=\"Business Report: Are You Prepared For A HIPAA Audit? - Glens Falls Business Journal\" \/>\r\n<meta property=\"og:description\" content=\"Joshua S. Koons, director of business development, Adirondack Technical Solutions.BY JOSHUA S. KOONS Are you HIPAA compliant? Do you need to be? Not sure? HIPAA security rules apply to all health plans, healthcare clearinghouses, and to any healthcare provider...\" \/>\r\n<meta property=\"og:url\" content=\"https:\/\/www.glensfalls.com\/glensfallsbusinessjournal\/2015\/07\/business-report-are-you-prepared-for-a-hipaa-audit\/\" \/>\r\n<meta property=\"og:site_name\" content=\"Glens Falls Business Journal\" \/>\r\n<meta property=\"article:published_time\" content=\"2015-07-16T19:36:04+00:00\" \/>\r\n<meta property=\"og:image\" content=\"https:\/\/www.glensfalls.com\/glensfallsbusinessjournal\/wp-content\/uploads\/sites\/109\/2015\/07\/josh20koons20adirondack20tech20c.jpg\" \/>\r\n<meta name=\"author\" content=\"Amanda Delyser\" \/>\r\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\r\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Amanda Delyser\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\r\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.glensfalls.com\/glensfallsbusinessjournal\/2015\/07\/business-report-are-you-prepared-for-a-hipaa-audit\/\",\"url\":\"https:\/\/www.glensfalls.com\/glensfallsbusinessjournal\/2015\/07\/business-report-are-you-prepared-for-a-hipaa-audit\/\",\"name\":\"Business Report: Are You Prepared For A HIPAA Audit? - Glens Falls Business Journal\",\"isPartOf\":{\"@id\":\"https:\/\/www.glensfalls.com\/glensfallsbusinessjournal\/#website\"},\"datePublished\":\"2015-07-16T19:36:04+00:00\",\"dateModified\":\"2015-07-16T19:36:04+00:00\",\"author\":{\"@id\":\"https:\/\/www.glensfalls.com\/glensfallsbusinessjournal\/#\/schema\/person\/9d7e187e0edba5e188b14052e66c4fc5\"},\"breadcrumb\":{\"@id\":\"https:\/\/www.glensfalls.com\/glensfallsbusinessjournal\/2015\/07\/business-report-are-you-prepared-for-a-hipaa-audit\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.glensfalls.com\/glensfallsbusinessjournal\/2015\/07\/business-report-are-you-prepared-for-a-hipaa-audit\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.glensfalls.com\/glensfallsbusinessjournal\/2015\/07\/business-report-are-you-prepared-for-a-hipaa-audit\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.glensfalls.com\/glensfallsbusinessjournal\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Business Report: Are You Prepared For A HIPAA Audit?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.glensfalls.com\/glensfallsbusinessjournal\/#website\",\"url\":\"https:\/\/www.glensfalls.com\/glensfallsbusinessjournal\/\",\"name\":\"Glens Falls Business Journal\",\"description\":\"\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.glensfalls.com\/glensfallsbusinessjournal\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.glensfalls.com\/glensfallsbusinessjournal\/#\/schema\/person\/9d7e187e0edba5e188b14052e66c4fc5\",\"name\":\"Amanda Delyser\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.glensfalls.com\/glensfallsbusinessjournal\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/4192a4b199506cdd7a2d2166c1a16dd3?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/4192a4b199506cdd7a2d2166c1a16dd3?s=96&d=mm&r=g\",\"caption\":\"Amanda Delyser\"},\"url\":\"https:\/\/www.glensfalls.com\/glensfallsbusinessjournal\/author\/amandadelyser\/\"}]}<\/script>\r\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Business Report: Are You Prepared For A HIPAA Audit? - Glens Falls Business Journal","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.glensfalls.com\/glensfallsbusinessjournal\/2015\/07\/business-report-are-you-prepared-for-a-hipaa-audit\/","og_locale":"en_US","og_type":"article","og_title":"Business Report: Are You Prepared For A HIPAA Audit? - Glens Falls Business Journal","og_description":"Joshua S. Koons, director of business development, Adirondack Technical Solutions.BY JOSHUA S. KOONS Are you HIPAA compliant? Do you need to be? Not sure? HIPAA security rules apply to all health plans, healthcare clearinghouses, and to any healthcare provider...","og_url":"https:\/\/www.glensfalls.com\/glensfallsbusinessjournal\/2015\/07\/business-report-are-you-prepared-for-a-hipaa-audit\/","og_site_name":"Glens Falls Business Journal","article_published_time":"2015-07-16T19:36:04+00:00","og_image":[{"url":"https:\/\/www.glensfalls.com\/glensfallsbusinessjournal\/wp-content\/uploads\/sites\/109\/2015\/07\/josh20koons20adirondack20tech20c.jpg"}],"author":"Amanda Delyser","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Amanda Delyser","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.glensfalls.com\/glensfallsbusinessjournal\/2015\/07\/business-report-are-you-prepared-for-a-hipaa-audit\/","url":"https:\/\/www.glensfalls.com\/glensfallsbusinessjournal\/2015\/07\/business-report-are-you-prepared-for-a-hipaa-audit\/","name":"Business Report: Are You Prepared For A HIPAA Audit? - Glens Falls Business Journal","isPartOf":{"@id":"https:\/\/www.glensfalls.com\/glensfallsbusinessjournal\/#website"},"datePublished":"2015-07-16T19:36:04+00:00","dateModified":"2015-07-16T19:36:04+00:00","author":{"@id":"https:\/\/www.glensfalls.com\/glensfallsbusinessjournal\/#\/schema\/person\/9d7e187e0edba5e188b14052e66c4fc5"},"breadcrumb":{"@id":"https:\/\/www.glensfalls.com\/glensfallsbusinessjournal\/2015\/07\/business-report-are-you-prepared-for-a-hipaa-audit\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.glensfalls.com\/glensfallsbusinessjournal\/2015\/07\/business-report-are-you-prepared-for-a-hipaa-audit\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.glensfalls.com\/glensfallsbusinessjournal\/2015\/07\/business-report-are-you-prepared-for-a-hipaa-audit\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.glensfalls.com\/glensfallsbusinessjournal\/"},{"@type":"ListItem","position":2,"name":"Business Report: Are You Prepared For A HIPAA Audit?"}]},{"@type":"WebSite","@id":"https:\/\/www.glensfalls.com\/glensfallsbusinessjournal\/#website","url":"https:\/\/www.glensfalls.com\/glensfallsbusinessjournal\/","name":"Glens Falls Business Journal","description":"","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.glensfalls.com\/glensfallsbusinessjournal\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.glensfalls.com\/glensfallsbusinessjournal\/#\/schema\/person\/9d7e187e0edba5e188b14052e66c4fc5","name":"Amanda Delyser","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.glensfalls.com\/glensfallsbusinessjournal\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/4192a4b199506cdd7a2d2166c1a16dd3?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/4192a4b199506cdd7a2d2166c1a16dd3?s=96&d=mm&r=g","caption":"Amanda Delyser"},"url":"https:\/\/www.glensfalls.com\/glensfallsbusinessjournal\/author\/amandadelyser\/"}]}},"_links":{"self":[{"href":"https:\/\/www.glensfalls.com\/glensfallsbusinessjournal\/wp-json\/wp\/v2\/posts\/17326"}],"collection":[{"href":"https:\/\/www.glensfalls.com\/glensfallsbusinessjournal\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.glensfalls.com\/glensfallsbusinessjournal\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.glensfalls.com\/glensfallsbusinessjournal\/wp-json\/wp\/v2\/users\/88"}],"replies":[{"embeddable":true,"href":"https:\/\/www.glensfalls.com\/glensfallsbusinessjournal\/wp-json\/wp\/v2\/comments?post=17326"}],"version-history":[{"count":0,"href":"https:\/\/www.glensfalls.com\/glensfallsbusinessjournal\/wp-json\/wp\/v2\/posts\/17326\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.glensfalls.com\/glensfallsbusinessjournal\/wp-json\/wp\/v2\/media?parent=17326"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.glensfalls.com\/glensfallsbusinessjournal\/wp-json\/wp\/v2\/categories?post=17326"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.glensfalls.com\/glensfallsbusinessjournal\/wp-json\/wp\/v2\/tags?post=17326"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}