Free HIPAA Guide Released by HIPAA Training Experts - Anchor LLC

HIPAA Compliance Guide v2.0 Available for Free Download in PDF Format
SEATTLE - Jan. 26, 2017 - PRLog -- Right on the heels of publicly announcing their online HIPAA Training Management system, Anchor LLC has released a free HIPAA guide that provides HIPAA requirements in easy-to-understand language. The eBook is released in PDF format and is available from their website totally free.

Get the Free HIPAA Guide PDF

The HIPAA guide goes control by control and converts legalese into commonly understood technical and operational concepts. The HIPAA summary provides examples and industry best practices such as how often passwords should be rotated or how often employees should engage in refresher HIPAA training (also offered at Anchor LLC). This document is a must-have for practitioners trying to interpret and better understand HIPAA.

Examples from the HIPAA Guide

164.308(a)(7)(ii)(B) Disaster Recovery Plan
Regulatory Text: Establish (and implement as needed) procedures to restore loss of data.
In Plain English! Define and document procedures for how you restore data from backup. This is different from the previous control in that in the previous control you are defining how you retrieve the backups (i.e., if backups are stored offsite how you physically obtain that media) and in this control you are defining how you use that backup to restore the data. Include which roles in your organization are responsible to take which actions (i.e., "operations manager deploys backed up database to staging server", etc.).


164.308(a)(8) Evaluation
Regulatory Text: Perform a periodic technical and nontechnical evaluation, based initially upon the standards implemented under this rule and subsequently, in response to environmental or operational changes affecting the security of electronic protected health information, that establishes the extent to which an entity's security policies and procedures meet the requirements of this subpart.
In Plain English! When working with organizations we often get a blank stare after reading the regulatory text for this control. What it is trying to say is that you must evaluate how effectively you are meeting the HIPAA requirements.

Document how you are meeting each HIPAA control. Here is a template you can use. On a regular basis (annually is the industry standard) review each control to assess if anything has changed. If you note changes in how you are meeting or not meeting requirements, document that.

If your organization or technical systems undergo major changes, that may prompt you to conduct this exercise more often than annually.

