With Phase 2 of HIPAA Audits underway, dentists need to be more vigilant than ever about their HIPAA audit preparedness. There is no practice too big or too small to fly under the OCR’s radar. They will find you and request your latest HIPAA compliance audit.
Small practices need to be especially prepared and take action now. In recent audit findings from the OCR, a majority of smaller offices were found to have incomplete documentation, or were not even fully aware of the HIPAA guidelines.
As a dentist, when you’re putting together your HIPAA compliance plan, here are a few points you need to ensure you cover:
- Breach Plan: Make sure you have a plan in place if your practice has a security breach. If you have a breach of 500 or more patient records, you will be required to contact your local news outlet.
- Smartphone/Tablet Security Plan: Everyone has a smartphone or tablet. You need to ensure that your staff are trained to properly handle ePHI on a mobile device. Make sure you have a written plan in place and your staff.
- Physical PC and Mac Security: Health records aren’t just being stolen through email or database hacks. Thieves are physically stealing PCs, Macs, and laptops. Do you have a physical security plan in place to lock down your computers?
- Disaster Recovery Plan: Last but not least important is a full Disaster Recovery Plan. When your practice suffers a loss of power, computer issues, data loss, fire, or flood, you need to have a plan in place to keep your business up and running. It’s not a matter of if it will happen, it’s a matter of when.