top of page
Writer's pictureDiane Evans

Play Santa: Check your List of Security Policies Twice!

By Diane Evans


As you think about work-related resolutions for the new year, ask yourself this question: At this moment, do you feel sure you can account for the security of all private information entrusted to your organization?


If the answer is no, you’ve just identified a high-priority item to add to your 2025 to-do list.  In upcoming newsletters, we will suggest ways to achieve a full accounting of all places where confidential data is maintained, created, received or transmitted.  


A place to start:  Take an inventory of your Security Policy Manual to make sure your organization has adopted all required policies under the Health Insurance Portability and Accountability Act (HIPAA).  Missing policies generally indicate lapses in tight security practices in daily routines.


If you find that you have all the necessary policies in place, the next questions are these:


  • Do work-flow procedures align with the policy requirements?

  • Are employee responsibilities under the policies sufficiently communicated?

  • Are security policies enforced, with sanctions corresponding to the severity of an infraction?


If you’re not sure whether you have a complete set of HIPAA-required security policies in place, then your first challenge is to inventory the policies already enacted, so that you can identify what’s missing.  


You can download the graphic below for a checklist.



One thing to keep in mind:  While a social media policy is not a specific HIPAA requirement, you still need one because unauthorized social media posts can result in breaches. 


Action item:  If you need a Social Media Policy, email me at devans@guardededge.com for a complimentary template.  

-----------------


Risk Assessment Training Tomorrow - Still time to register


Title: Risk Assessment Basics 

Virtual:  Dec. 11 from 1 pm to 2 pm EST

Summary of Presentation

Learn the most common causes of HIPAA breaches, and how to reduce high risks to the best of your ability. This course will focus on actual breaches in the long-term sector, why they happened, and how they might have been prevented. While some breaches will occur despite the best of security efforts, carelessness and neglect remain common causes of HIPAA violations. 


Learning Objectives & Competency Building


  • Likely causes of HIPAA breaches

  • How to recognize high risks in your midst

  • Best practices for preventing breaches Risk Assessment Task List


Complimentary Resource 


  • Risk Assessment Task List


Click here to register: risk-assessment-basics

Cost: $100 per person


#Data ManagementLongTermCare

#Data SecurityLongTermCare






18 views0 comments

Recent Posts

See All

Proposed Changes in HIPAA Rules Help YOU!

By Diane Evans  Recently, the U.S. Office for Civil Rights (OCR) proposed stronger rules for data security and compliance under the...

Comentários


bottom of page