The attached document provides direct quotes from the HIPAA Final Privacy Rule and the preamble. It also provides some examples of how a covered entity might apply sanctions when there is a failure to comply with an organization's policies and procedures.
A covered entity must document when a sanction is applied in response to a failure of a workforce member to comply with the organization's privacy policies and procedures. A covered entity may want to audit this documentation to determine trends in non-compliance. Often, failure to comply may be a result of insufficient training on policies and procedures at the facility or department level. This would be an indication that there may be a gap or vulnerability in training or implementation at the facility or department level, and training on the organization's policies and procedures for the entire facility or department may be deemed necessary to minimize the risk of additional breaches of privacy.
Regards,
Barbara McGowin, CPC
Executive Recruiter
HIT Recruiting
(843) 824-8537
mcgowins@...
Connecting Healthcare Organizations with People,
Products and Services to Achieve HIPAA Compliance.