It is that time of year again when people have a goal to add compliance to their never-ending list. 2023 is THE year to get compliant. I see all the emails that come through with HIPAA violations and who did what and what they were fined for.
The #1 reason people are getting looked at for HIPAA is not releasing medical records in a timely manner.
The #1 thing it seems they are being fined for is not completing a recent Security Risk Analysis.
Your homework is to have someone in the office do AVMs 950 in the compliance classroom. It shows you step by step how to download the Risk Assessment tool that HealthIT provides and how to go through all the questions. It asks a lot of “do you have a policy or procedure for….” If you are using BTC policies and procedures for OIG and HIPAA, then you can confidently answer yes. If you have a lot of “no” or “I don’t know” answers, ask your coach to help once the analysis is completed. We have resources to help you through the entire process. The great news is that once you have completed the analysis the first time, you just update it each year. The first time I completed this it took about 2 hours, and today I just updated it for 2023 and it took about 10 min.