- Our Outreach
-Consultations with healthcare professionals
-Risk Assessment and Review Engagements with both Dental and Medical practices
-Consultations with many industry consultants and suppliers
- Findings
-Inertia on behalf of personnel responsible for risk assessment and review
*untrained, not qualified to do certain tasks, overloaded
-Providers – think everything is in great shape
- Easy misconceptions
-No written or insufficient policies
-Unable to demonstrate procedures are followed consistently
-Unaware of risky activity
>ePHi using Outlook
>Unsecured paper files/old hard drives
>No review of logs for intrusions
>No employee screening or terminations discussions
>All staff use the same log-ins and passwords
-Staff unaware of the capabilities of the EHR software
-And lots more
Risk Assessment Support Recommended Solutions
- 3rd Party Risk Assessment
-Quick, knowledgeable (HIPAA guidelines/IT/Contingency mgt/process mgt) assessments
-Produce punch lists of deficiencies
-Assistance of clear deficiencies, upgrade systems
-Complete the work that the staff cannot do
- 3rd Party Periodic Reassessments
- Manage ongoing compliance with a software solution such as Network Antic’s recommended multiple mandate software.-Set up the all future compliance tasks (check controls, collect and store reports, ensure recurring processes follow policies and procedures) – email, notification engine, dashboards, calendars, etc. Each year’s tasks can be initiated in > 1 hour.
-System of record to support all compliance activities (questionnaires, contracts, reports, policies, electronic signatures, document versioning)
-Alerts if compliance tasks are completed on a timely basis (task, resp. party)
-Contingency management – execute predetermined DR plan with Network Antic’s recommended multiple mandate software.
Additional Resources: