The HIPAA Security Deadline is quickly approaching. Are you ready?

The Security Rule is specific to electronic Protected Health Information (PHI). The Security Rule’s purpose is to protect the confidentiality, availability and integrity of electronic protected health information.

Consider the following steps to help you get ready for the April 21, 2005 Security Deadline:

• Appoint a HIPAA Security Officer.
• Create a HIPAA Security Committee to address the regulations.
• Complete a Risk Assessment.
• Determine the actions to be taken to address each risk or vulnerability.
• Create an action plan to implement reasonable and appropriate administrative, physical and technical safeguards.
• Document and maintain policies and procedures to address the issues identified in the risk assessment.
• Implement the recommended safeguards.

Finally, perform periodic audits and staff training to address operational changes which could affect the security of electronic PHI. Staff development is essential in maintaining the efficiency and effectiveness of HIPAA compliance. Remember, compliance is not a one-time goal. It is an on-going process.