Posted on Friday, October 14, 2016 7:57 PM
The HHS Office for Civil Rights (OCR) has recommended that all agencies and other entities need to indicate whether they’re capable of responding to a cybersecurity incident. If agencies do not follow these steps to secure electronic patient information, then it will most likely result in a violation of HIPAA.
According to a recent survey, the results concluded that 43% of respondents lacked formal cybersecurity incident-response plans and procedures. The survey also pulled the results that 61% of respondents have dealt with a data breach in the past two years.
The guidance includes the following recommendations that covered entities and business associates:
• Have an incident-response plan
• Make sure the incident-response policies and plans are approved by management and reviewed annually
• Include processes that prepare for cybersecurity incidents
• Build relationships and lines of communication
• Staff the incident-response team with people who have the skillsets
• Train staff to “be effective in their roles”
The following steps are available to help protect your agency:
• Protect your electronic patient information
• Develop policies and procedures to address cybersecurity
• Review your cybersecurity response policies, plans and procedures annually
• Ask your electronic health record and other health IT vendors about the cybersecurity capabilities of their systems
• Understand that OCR considers a security incident
• Document all of your plans, policies and procedures
• Use free or easily available resources when you can
• Make sure your business associates have cybersecurity protections in place
For the full article, please see the October 17, 2016 Home Health Line Edition.
About Corridor
Corridor is the nation’s preferred partner and trusted business advisor to home health and hospice providers, providing quality services and impactful results for 30 years. Focusing on key operational, regulatory and financial challenges, Corridor delivering industry-unique solutions and deep expertise in coding, clinical documentation review, compliance, billing and collections , consulting and provider staff education . At Corridor, we make the business of caring for people Better! For the most important industry updates and news that impacts home health and hospice, please make sure to sign up for our weekly newsletter to receive the latest up-to-date industry information direct to your inbox!
For additional information, please contact Corridor at 1-866-263-3795.