| That question is one I hear a lot recently. What's all | | | | While it may seem daunting, being compliant really |
| the fuss about? Why do I need to pay attention to | | | | isn't that tough. There are a lot of simple things you |
| all of these new "rules?" Isn't it just a way for | | | | can do to assure that you have taken the necessary |
| someone to make money? | | | | steps. And having that written documentation that |
| With the passing of the HITECH Act, the HIPAA | | | | shows you're making a good faith effort will go a |
| rules and regulations have undergone some big | | | | long way if you do happen to be one who gets |
| changes. Things that previously could be overlooked | | | | audited. There are now required random audits and |
| can no longer be ignored. Business associates are | | | | nothing in those rules says just go after big |
| now required to implement the things in the security | | | | organizations. Protection of patient privacy applies to |
| rule and much of the privacy rule. Even something as | | | | everyone, no matter how big or small you are. |
| simple as not having written policies and procedures | | | | We are already seeing the changes of the new laws. |
| will mean you are not compliant. | | | | HHS has already posted the first group of breaches |
| "It won't happen to me." So many people seem to | | | | on their website. And by the way, it's not just |
| be thinking that, while they understand there are | | | | healthcare organizations. Where it applies, each |
| new rules, it really doesn't apply to them because | | | | business associate involved is also listed. That sure |
| their business is so small it just won't matter. And so, | | | | isn't a way to get good publicity for your business. |
| like the ostrich with their head in the sand, we move | | | | What about you? What's stopping you from taking |
| along thinking that as long as we don't address it, no | | | | the steps toward compliance? |
| one will see we're out there. | | | | |