Lessons Learned About HIPAA Risk Management Plans
Category: Security
By: Tod Ferran
Many healthcare entities haven't yet separated the difference between the HIPAA Security Rule and HIPAA Privacy Rule. Because of this confusion, they leave many security regulations unfulfilled. Most practices I've communicated with are trained, strict adherers to the Privacy Rule, but don't understand that the Security Rule is a completely different ballgame.
I'd like to clarify a misperceived section of HIPAA security: The RMP. The Risk Management Plan (RMP) is the compliance step that works through issues discovered in the risk analysis and provides a documented instance proving your active acknowledgement (and correction) of PHI risks and HIPAA requirements.
There are three vastly different approaches to RMP that vary in cost, time, and work required. To my knowledge, every covered entity engaged with HIPAA is using at least one of these methods...
Log in to read entire article now
UserID: Email:
4 Ways to Ensure Healthcare Data Security at Your Practice
Two Hot Ransomware Items to Watch
Ransom Disclosure Act - Proposed Bill Will Require Victims to Disclose Ransom Payments within 48 Hours
HIPAA, COVID-19 Vaccination, and the Workplace
5 Cybersecurity Threats to Healthcare During the COVID-19 Pandemic
Medical Office Safety Planning: Become Aware and Commit to Prepare
How Data Governance and Technology Can Help Pandemic Responses
Take Your Data Back: Empowering Healthcare Practices, Systems, and Providers
Evaluating the Promise of Telehealth: Pandemic Physician Practice Lifesaver Gives Way to Billing, Regulatory Scrutiny
Best Practices for Managing the Insider Threat in Healthcare
Home | About Us | Magazine | CEUs and Webinars | Subscribe | Renew | Reprints | Writers' Guidelines
Follow us on social media
