Nancy Roht on HIPAA Deep Dives [Podcast]
Listen now
Description
By Adam Turteltaub At this point anyone in healthcare who doesn’t have a plan for managing HIPAA compliance risks is behind the eight ball and times. But, for those who do have a program in place, the question is: does it currently reflect your risk profile? Nancy Roht (LinkedIn), Managing Principal at Compliance Pro Consulting points out in this podcast that just because the HIPAA regulations don’t specify how often a HIPAA risk assessment should be done it’s best to do so annually, and perhaps even more frequently if something significant happens. Changes in leadership, organizational structure, goals, quality and major vendors can all call for a fundamental reexamination of your strategy. When conducting the assessment, don’t mistake it for a gap analysis. Make it a true assessment of risk and put together a work plan to address any deficiencies. When conducting the assessment, she recommends interviewing both leadership and staff to get a comprehensive picture. Take an inventory of the PHI you have, potential threats, vulnerabilities and security measures. Then, assign risk levels, prioritize and document your thinking. Years from now no one will remember what decisions were made and why, without the documentation. Be sure to look externally at your business associates, particularly those with evergreen agreements. They may have run out of date. Listen in to learn more about how to make your HIPAA risk assessment stronger.
More Episodes
By Adam Turteltaub Best known as The FCPA Professor, Mike Koehler argues that that many people have it all wrong when it comes to enforcement of the Foreign Corrupt Practices Act (FCPA). Citing historical data he argues that there is not, contrary to popular opinion, a slow down in enforcement...
Published 05/16/24
By Adam Turteltaub Jessica Zeff (LinkedIn) loves government audits. I know, it’s hard to believe, given the dread they inspire. But, the founder and lead consultant of Simply Compliance makes a very good case in this podcast that audits can be much better than people expect and actually...
Published 05/14/24
Published 05/14/24