Once upon a time . . .
there were three dedicated healthcare professionals -- a doctor, a clinic administrator, and a dentist -- who were absolutely, positively sure they'd done everything they needed to do to be HIPAA compliant.
"My office hires a computer guy to come in twice a year and update our software. So, yeah, we're good," said the doctor.
"We must be OK. After all, I just spent a small fortune on an Electronic Health Records system," the clinic administrator replied.
"Am I Concerned about HIPAA? Not really. my receptionist went to a Big seminar on compliance lasT year," the dentist smiled.
All three were confident they'd done their part and were convinced they didn't have to worry about things like HIPAA audits, hackers, data breaches, and costly fines.
But alas, those good folks were, in fact, living in a kind of Fantasyland.
- None of them had developed and documented their Policies and Procedures for safeguarding patient information.
- Or ever done a Risk Analysis.
- Or prepared a Mitigation Plan for addressing identified weakenesses.
- Or had on file signed agreements from their Business Associates stating that they -- the Business Associates -- were also HIPAA compliant.
"yikes! you mean we're supposed to do all that too?!"
"Indeed. And more," said a Touchstone Compliance rep, a veritable wizard when it came to such things.
And so, with expert help from Touchstone's amazing online tools and people, the doctor, the clinic administrator, and the dentist were able to get a handle on that complicated law's many requirements. Easily and affordably.
And yes, they all lived HIPAA-ly ever after.
Call today: 858.779.4842 Www.touchstonecompliance.com
Touchstone Compliance | 10620 Treena Street, Suite 230 | San Diego, California 92131