How do I know if I am HIPAA compliant?

A quick assessment of compliance consists of being able to: 1) readily pull out your HIPAA policy and procedures manual, 2) produce your training logs (who was trained, when they were trained, a copy of the training materials, and who provided the training), 3) produce your SRA, 4) produce the consequent remediation plan, and 5) evidence that you have done due diligence on your BAs. These five items are only the tip of the iceberg of what you will be required to provide to the Office for Civil Rights (OCR) as part of a breach investigation or random audit.