Sign up to save your podcasts
Or
Share Episode 16: Seven Steps for Nurturing a Culture of Compliance
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Episode 16: Seven Steps for Nurturing a Culture of Compliance
Culture of compliance is the phrase OCR uses when defining what they are looking for in an audit or investigation. They also use the phrase robust compliance program in the same manner. Using these steps is a great way to make sure your organization is following their lead.
Links
ComplyAssistant Compliance Management Solution
Spher EHR Access Monitoring Solution
FindHealthcareIT
HIPAAforMSPS.com
Kardon Compliance
Notes
7 steps to improving your Privacy & Security policies and procedures and nurturing a Culture of Compliance:
Designate a Compliance (Privacy & Security) OfficerFirst, the law requires you do this. But, if no one is in charge then nothing will happen, we all know that to be the case. Or, in a vacuum of leadership someone else will take charge and handle things the way they think they should be done without the support of management.
Train and educate your staff and BA partnersConstantly restating the same information over and over in a variety of ways may be annoying to some but that means they have heard it! Also, don't forget to work with your BA partners to confirm they actually understand what HIPAA compliance requires in their organizations.
Implement an ongoing Compliance maintenance solutionThis is what we talk about using tools such as ComplyAssistant, Spher, and professional MSP monitoring and management applications. Either use the tools or develop manual internal controls and processes to accomplish those same documentation and audit tasks on a regular basis.
Conduct regular and complete audits and monitoring of all ePHI systems If you are ignoring it then so will everyone else in your organization.
Monitor and respond to Incidents in a timely manner (State & Federal regulations)We all freak out together as soon as we know something could havehappened to our PHI.
Adhere to a strict breach remediation protocolDefine your breach plan and use it every time. After any case that it was used, then review it to make sure you don't need to change or add things in the plan.
Create a open line of communication for management and staffThe law requires you to never retaliate towards any person who files a complaint or reports a problem including a breach. If you don't make it clear that you fully support that rule and all workforce members are free to ask any question, file any complaint, and report any concern then you will likely be missing things just because someone was afraid to tell.
View all episodes
By Donna Grindle and David Sims
4.9
6161 ratings
Culture of compliance is the phrase OCR uses when defining what they are looking for in an audit or investigation. They also use the phrase robust compliance program in the same manner. Using these steps is a great way to make sure your organization is following their lead.
Links
ComplyAssistant Compliance Management Solution
Spher EHR Access Monitoring Solution
FindHealthcareIT
HIPAAforMSPS.com
Kardon Compliance
Notes
7 steps to improving your Privacy & Security policies and procedures and nurturing a Culture of Compliance:
Designate a Compliance (Privacy & Security) OfficerFirst, the law requires you do this. But, if no one is in charge then nothing will happen, we all know that to be the case. Or, in a vacuum of leadership someone else will take charge and handle things the way they think they should be done without the support of management.
Train and educate your staff and BA partnersConstantly restating the same information over and over in a variety of ways may be annoying to some but that means they have heard it! Also, don't forget to work with your BA partners to confirm they actually understand what HIPAA compliance requires in their organizations.
Implement an ongoing Compliance maintenance solutionThis is what we talk about using tools such as ComplyAssistant, Spher, and professional MSP monitoring and management applications. Either use the tools or develop manual internal controls and processes to accomplish those same documentation and audit tasks on a regular basis.
Conduct regular and complete audits and monitoring of all ePHI systems If you are ignoring it then so will everyone else in your organization.
Monitor and respond to Incidents in a timely manner (State & Federal regulations)We all freak out together as soon as we know something could havehappened to our PHI.
Adhere to a strict breach remediation protocolDefine your breach plan and use it every time. After any case that it was used, then review it to make sure you don't need to change or add things in the plan.
Create a open line of communication for management and staffThe law requires you to never retaliate towards any person who files a complaint or reports a problem including a breach. If you don't make it clear that you fully support that rule and all workforce members are free to ask any question, file any complaint, and report any concern then you will likely be missing things just because someone was afraid to tell.
More shows like Help Me With HIPAA
View all
This Week in Tech (Audio)
3,014 Listeners
The Ramsey Show
38,703 Listeners
Wait Wait... Don't Tell Me!
38,649 Listeners
Radiolab
43,909 Listeners
The Joe Rogan Experience
225,807 Listeners
CyberWire Daily
1,006 Listeners
Juicy Scoop with Heather McDonald
25,559 Listeners
The Jordan B. Peterson Podcast
34,045 Listeners
This Past Weekend w/ Theo Von
27,214 Listeners
Darknet Diaries
7,876 Listeners
CISO Series Podcast
187 Listeners
All-In with Chamath, Jason, Sacks & Friedberg
9,095 Listeners
The MeidasTouch Podcast
44,368 Listeners
SmartLess
57,908 Listeners
The Dr. John Delony Show
7,093 Listeners