The administrative components are really important when implementing a HIPAA compliance program; you are required to assign a privacy officer, complete a risk assessment annually, implement employee training, review policies and procedures, and execute Business Associate Agreements (BAAs) with all partners who handle protected health information (PHI). read more
You must have agreements with any contracted service providers that handle your medical records – agreements that ensure they are in compliance with all HIPAA regulations. You must have policies and procedures that limit access and you must provide training to your staff regarding protection of both hard copy and electronic Protected Health Information (ePHI). read more