Don’t forget the September 23, 2013 deadline to comply with the HIPAA mega rule. Focus on the following:
- Business Associate Agreements
- Updating “Notice of Privacy Practices”
- Adding privacy and security changes to policies and procedures
- Revising your security breach protocol
- Encrypting as much as possible
- Educating staff about the new requirements
Also, please note that breaches by your business associates and their subcontractors are your responsibility under the new rules.