Since HIPAA came into existence, it has constantly evolved to adapt to the changing healthcare environment. HIPAA lays out many industry standards for organizations working in healthcare to improve the organization's efficiency while protecting individuals' data. It is mandatory for all health care organizations to update their HIPAA compliance program to incorporate changes in the law. This HIPAA compliance checklist 2020 allows HIPAA compliant organizations to ensure that they have all that is required by law.
What is the HIPAA Compliance Checklist 2020?
With the advancement in technology, hackers and fraudsters can now easily hack the data and PHI of individuals. For this reason, HIPAA compliance has never been more important than in 2020, as healthcare breaches and HIPAA audits continue to rise. This HIPAA compliance checklist 2020 will help health care entities and business associates ensure that they are in line with HIPAA 2020 standards.
The following is a HIPAA compliance checklist 2020 that you may use to assess your business processes:
1. It is very important to conduct the following 6 required annual self-audits. Have you conducted these?
- Security Risk Assessment (SRA)
- Security Standards Audit
- Privacy Assessment (not required for BAs)
- HITECH Subtitle D Audit
- Asset and Device Audit
- Physical Site Audit
2. Have you utilized the self-audits to identify gaps?
Self-audits are very helpful in identifying the gaps in your organization. If you find something wrong, correct it immediately.
3. Have you created remediation plans that address the identified gaps?
- Document the remediation plan in writing
- It is important to review and update the remediation plan annually
- Retain your remediation plans in your records for six years
4. Have all employees completed their annual HIPAA training?
- It is important for your employees to receive HIPAA training
- Always have an officer designated for HIPAA Compliance, Privacy, and/or Security.
5. Do you have Policies and Procedures that directly apply to your business practices and incorporate HIPAA Privacy, Security, and Breach Notification Rules?
- All your employees should follow your agency's policies and procedures that comply with HIPAA Privacy, Security, and Breach Notification Rules
- Always review policies and procedures annually in order to comply with HIPAA
6. Have you identified all of your Business Associates and vendors?
- All your business associates and vendors must follow HIPAA guidelines and should protect an individual's PHI from any data breach.
- Always review and track your business associate agreements annually.
- It is necessary to sign a confidentiality agreement with your vendors.
7. Do you have an incident response plan and clearly defined process for breaches?
- Your organization should have the ability to track and investigate all data breach incidents.