First, let’s start off with what HIPAA compliance is. HIPAA compliance refers to following proper rules in accordance with requirements and regulations set forth by HHS (Health and Human Services) policies. Becoming compliant does not necessarily mean you will maintain compliance. This is an ongoing requirement that must be checked and updated regularly.
Are You Compliant?
Now that we’ve gone through what HIPAA compliance is, let’s talk about your business being compliant. Start off by asking yourself the following questions:
- Are your protected files stored in protected servers or clouds?
- Do you have a list of everyone that has access to this data, and do they have the proper level of permission?
- Do you track and monitor who is accessing these files?
- Have you set up alerts for when attempts are made to access this data from suspicious devices?
- Have you set up cyber security and 2-step identification?
If you answered no to any of these questions, then most likely you are not HIPAA compliant.
Does Your Business Need to Be HIPAA Compliant?
Any business related to healthcare has to take proper actions to ensure they are compliant and regularly conduct thorough risk assessments to ensure they are protecting patient information. In short, if you are dealing with any sort of patient information, you need to be compliant.
How Can You Get and Maintain a HIPAA Compliance Certification?
Obtaining a certification involves identifying a proven training program that, once completed, will ensure staff is properly trained in policies and procedures outlined by the HHS. Currently, the most widely used compliance training program is SIMBUS360.
The SIMBUS 360 HIPAA Compliance software solution allows you to become fully compliant and earn your company a HIPAA compliance authenticated badge that will allow you to show your compliance status to your customers.