HIPAA Compliance Risk Analysis


The Health Insurance Portability and Accountability Act (HIPAA) is a vital part of the health care industry’s day-to-day business. HIPAA’s procedures define how healthcare companies receive and handle their clients’ health care information. HIPAA helps to protect the patient’s personal information through confidentiality and security procedures while it is being transferred, handled or shared with other healthcare providers (Modifications to the HIPAA Privacy, Security, Enforcement, and Breach Notification Rules, 2013). When a patient’s privacy is not regulated, third parties could buy and sell the information without the patient’s authorization. With HIPAA in place, healthcare employees are prevented from divulging any patient information they …

Healthcare providers can assist in their HIPAA compliance by doing a protected health information (PHI) inventory, having a security evaluation, conducting a risk analysis, and creating a mitigation plan and an incident response plan (McNickle, 2012). A PHI inventory is a logical starting point: it identifies the information assets that the company must secure, whether the information is electronic or on paper. Even though HIPAA only requires healthcare companies to cover electronic PHI, this process will show how the company will collect, store, share, or dispose of the patient information. Having this inventory in place will also reveal any risks within the current system, exposing where a breach could occur. A security evaluation of the company’s security policies and procedures can be used to pinpoint any gaps between the current protection and what is required by HIPAA. The policies and procedures should reflect any environmental as well as operational changes for an accurate analysis of the …

is a privately run home healthcare agency. Our company operates in several locations in ten states to date, with over 40 agencies. We take confidentiality very seriously throughout all the departments of the company, making sure that the staff is aware of the policies and procedures that are put in place to assure our patients’ privacy. As I stated in my previous homework assignment, several departments within AngMar handle different aspects of the healthcare process and may see patient information, and compliance procedures mandated by the company and the state are in place to prevent any employees from sharing anyone’s private information. We work closely with Medicare and Medicaid in order to serve our patients, who are usually under a physician’s plan of care and need skilled nurses to assist them in their home (About Us, n.d.). One of the major concerns in our industry is preventing health care fraud. In the past, AngMar has dealt with healthcare fraud arising from new acquisitions as well as from patients’ doctors accepting kickbacks. The patients and the healthcare providers are notified beforehand if there are any out-of-pocket expenses, according to HIPAA compliance. AngMar lets all incoming employees know that it will periodically check the end users’ systems to make sure that they are not doing anything that will infect the