Looking for a Business Associate Agreement? Download our FREE template.

Free BAA Download
Total HIPAA Logo

HIPAA Compliance Must Be Updated As Technology Evolves

The HIPAA Security Rule was enacted in 2003. Since then, there have been two major changes to the Rule, first in 2009 with the HITECH Act and most recently in 2013 with the Omnibus Ruling. But, with the pace technology moves, HIPAA has had a hard time keeping up with the changing times. Since HIPAA was proposed in 1998, there have been many significant technology revolutions that have dramatically changed the way we socialize and do business. Here are just a few:

1995 – AOL.com launches
1998 – Google founded
2004 – Facebook founded
2005 – YouTube launched
2007 – First iPhone released
2009 – Cloud computing gains traction
2010 – Healthcare providers begin storing health records electronically

Even though the HIPAA Rules may not address the changing landscape of technology, it does give you a great framework to help your company navigate these uncharted waters.

How do you stay ahead of it all?

According to Tom Walsh, in his December 25, 2015 interview with Marianne Kolbasuk McGee for Healthcareinfosecurity.com 1, the three most important things HIPAA requires you to do are:

  1. Conduct a Risk Assessment
  2. Document your findings
  3. Work Your Plan

Your Risk Assessment is the first and most important step. This helps you identify any holes in your security plan. HIPAA requires this, and it is the first document HHS will ask for if you’re being audited.

Once you have your Risk Assessment, you must document your Policies and Procedures — both Privacy and Security. This is how you tell your employees how they should protect PHI in your company. If you don’t have a written plan, you don’t have a plan.

No plan is perfect out of the box. Your plan will continue to evolve as you hire new employees, adopt new technologies, and expand into new business ventures. You may find a specific procedure sounded great in theory, but when implemented, it just doesn’t work. That’s OK; be sure to document the changes! The key is to listen to feedback from employees, and be flexible as long as any changes aren’t compromising your Security!

To learn more about creating a compliance plan that meets your needs, checkout our Solutions today!

1. McGee, Marianne Kolbasuk. “Why the HIPAA Security Rule Needs Updating.” Gov Info Security. 21 Dec. 2015. Web. http://www.govinfosecurity.com/interviews/the-hipaa-security-rule-needs-updating-i-3021.

Sharing is caring!

Documents

Looking for a Business Associate Agreement?

Download our free template to get started on your path toward HIPAA compliance.


Download Now

Want to stay informed?

Join our community, stay ahead of the curve on HIPAA compliance and receive free expert guidance.

State of HIPAA Compliance in 2024

Watch the recording of this webinar to learn more about how you can become and stay HIPAA compliant!

Document

Related Posts

What is Access Control in terms of HIPAA?

What is Access Control in terms of HIPAA?

In today's digital world, protecting sensitive data is paramount. This is especially true for organizations that handle electronic Protected Health Information (ePHI), whether you're a healthcare...

Save & Share Cart
Your Shopping Cart will be saved and you'll be given a link. You, or anyone with the link, can use it to retrieve your Cart at any time.
Save Cart & Generate Link
Send Cart in an Email Done! close
Empty cart. Please add products before saving :)

Back Save & Share Cart
Your Shopping Cart will be saved with Product pictures and information, and Cart Totals. Then send it to yourself, or a friend, with a link to retrieve it at any time.
Send Cart Email
Your cart email sent successfully :)