Many practices are uncertain if they are doing enough or employed the right level of technology to obtain compliance.
Since the OCR self assessment tool contains 159 questions leading to extensive time to research / document, a lot is confusing or missed.
Here's 10 more reasons you may NOT be compliant.
Once healthcare practices adopt the security and administrative polices to be HIPAA complaint, they often don't do enough to maintain this compliance in a very dynamic environment involving changes of EPHI use, access, or security.
Your IT vendors provide technology to secure the EPHI, yet often aren't aware of their role and obligations under HIPAA. We help translate your IT vendors technologies into business solutions that conform to HIPAA standards.