Businessolver
Businessolver Blog

Annual HIPAA Review for Cybersecurity

By Compliance Dashboard on February 14, 2024

The best defense is a good defense! You hear about cybersecurity all the time, and shoring up your defenses and reviewing HIPAA materials on an annual basis is key.

Here is a list of materials to review annually and a brief explanation of each:

Privacy and Security Policies

    • All self-insured plans must have a written Privacy Policy detailing your organization's PHI-related rules and procedures.
    • A Security Policy is required to document how your organization will protect ePHI through its policies and procedures.

Risk Analysis

      • This is a comprehensive assessment of all business processes where ePHI may be created, received, maintained, or transmitted.
      • Regularly evaluating security needs is crucial in maintaining HIPAA compliance and cybersecurity.

Plan Amendments

    • HIPAA amendment language must be current! Review and edit when there are regulatory changes, or when you've made changes to your Plans or benefits.

Business Associate Agreements

      • These should be stored securely and reviewed annually to accurately reflect the business relationship for each Business Associate.

Notice of Privacy Practices

    • This should be regularly reviewed to ensure that it reflects your current policies, and it should be distributed regularly and available to everyone.

Your Workforce Training

    • Train staff with access to PHI annually, in response to newly identified cybersecurity threats, or when the business adds, removes, or changes physical or technical infrastructure.

Pro tips!

  1. Create reminders for assessment, review, and amendments of HIPAA-required documents to help simplify the maintenance process.
  2. Rely on your team! Include staff responsible for creating and amending documents in regular reviews.
  3. Be proactive! Once you've followed the step-by-step tasks within HIPAA10, you're set up to simply review and amend your HIPAA documents.

Check out this HIPAA Annual Review Checklist for a printable resource!