HIPAA recommends reviewing security checklist

PARCA eNews – March 16, 2018 – HIPAA requires organizations that have access to protected health information must safeguard the security and privacy of that information. The HIPAA Journal has compiled a HIPAA Compliance checklist for 2017-2018.

The list addresses technical, physical and administrative safeguards that organizations should periodically review to ensure they remain compliant with HIPAA regulations.

Technical safeguards include requirements for data encryption whether the data is at rest or in transit. 

The five points on the technical safeguard checklist include:

• Implementing access control 
• Authentication of electronic patient health information 
• Implementation of encryption and decryption tools 
• Audit controls 
• Automated logoff controls 

The Physical Safeguard checklist includes:

• Facility access control 
• Policies for workstation use 
• Mobile device procedures 
• Hardware inventory 

Administrative Safeguards include:

• Conducting regular risk assessment 
• Have a risk management policy 
• Employee training in HIPAA compliance 
• Contingency planning 
• Contingency planning testing 
• Third-party access control 
• Security incident reporting 

Keeping track of all your HIPAA compliance efforts can be difficult to cover the full range of requirements. Using such a checklist can help organize and document compliance. For the complete details check out the HIPAA Journal’s HIPAA Compliance Checklist.