Semantics often gets in the way when it comes to HIPAA Security Rule requirements—and the results can be costly mistakes for your organization in terms of wasted resources, not to mention not satisfying OCR. It’s time for your organization to get a grip on what exact security measures it’s performing.
If your healthcare organization thinks distributing a Notice of Privacy Practices (NPP) form, ensuring patients acknowledge receiving it, and maintaining those acknowledgments is a burden, the government may agree with you.
If you’re generating audit logs, you must regularly review them. SPHER, a cost-effective software as a service tool that automates the review of the multitude of audit logs your EHR generates and can help you discover potential security incidents and avoid unpleasant surprises.
