 | ||||
 | | | ||
 | ||||
|
||||
|
|||||||
|
HIPAA
Tip:
Physicians should begin preparing for the HIPAA security rule, which goes into effect April 21, 2005. The rule requires covered physicians to develop policies and procedures to prevent unauthorized access to patients’ protected health information (PHI) and to detect, contain, and correct security violations. Unlike the privacy rule, which governs all forms of PHI (paper, oral, and electronic), the security rule applies only to information that is stored or transmitted electronically. Most physicians have already received numerous solicitations and advertisements for HIPAA security compliance products. Considering the potential costs and the effort associated with HIPAA compliance, it is a mistake to choose a HIPAA “solution” without first understanding your practice’s HIPAA problems. Your may already have in place policies, procedures, systems, and technology that adequately address at least some of HIPAA’s security requirements. The first step in a HIPAA security compliance plan should be a risk assessment, which involves taking an inventory of all the practice’s assets that contain or transmit electronic PHI and assessing the possible security risks. For example, does your computer have antivirus software installed and updated? If not, that is a security risk that needs to be addressed. Version 2.0 of the CMA/PrivaPlan HIPAA Privacy/Security Compliance toolkit CD-ROM contains, among other things, a step-by-step guide to completing a risk assessment. (Physicians who purchased the toolkit last year should have received a free update to version 2.0. Additional updates will be available to members for $25/year and to nonmembers for $50/year.) Click here to order the toolkit online, or to download a PDF order form to be printed and submitted by mail or fax. The price for CMA members is $325 (nonmember price is $495). For more on the HIPAA security rule, see ON-CALL document #1607, “HIPAA Security Rule.” ON-CALL documents are free to members at CMA’s members-only website. Nonmembers can purchase this and other ON-CALL documents for $2 per page at CMA’s online bookstore. Future issues of CMA Alert will provide frequent updates on the HIPAA security rule, including the dates and locations of CMA’s security rule seminars and workshops. Additional HIPAA information is available in the HIPAA Help Center. Contact: CMA’s legal information line, 415/882-5144 or legalinfo@cmanet.org.
|
|
||||
 |
|
|