What is HIPAA Compliance?
Before discussing the elements of our HIPAA compliance checklist, it is best to answer the question “What is HIPAA compliance?” HIPAA compliance involves fulfilling the requirements of the Health Insurance Portability and Accountability Act of 1996, its subsequent amendments, and any related legislation such as the Health Information Technology for Economic and Clinical Health (HITECH) Act.
Despite the intentionally vague HIPAA requirements, every Covered Entity and Business Associate that has access to PHI must ensure the technical, physical and administrative safeguards are in place and adhered to, that they comply with the HIPAA Privacy Rule in order to protect the integrity of PHI, and that – should a breach of PHI occur – they follow the procedure in the HIPAA Breach Notification Rule.
All risk assessments, HIPAA-related policies and reasons why addressable safeguards have not been implemented must be chronicled in case a breach of PHI occurs and an investigation takes place to establish how the breach happened. Each of the HIPAA requirements is explained in further detail below. Business unsure of their obligation to comply with the HIPAA requirements should seek professional advice.