One thing is certain. You don't want to wait until you receive a notification letter from OCR before you begin preparing for a HIPAA audit, says Dena Boggan, CPC, CMC, CCP, HIPAA privacy/security officer at St. Dominic Jackson Memorial Hospital in Jackson, Miss.
The question today for healthcare facilities isn't "does your facility use social media?" It's "who is using social media, for what purpose, and what policies govern its use in your organization?"
Some healthcare administrators and executives consider the notice of privacy practices (NPP) another government administrative burden. From a privacy perspective, however, the NPP is not a waste of time.
