Just Associates, Inc. can help you assess your risk potential through a Risk

HIPAA Privacy and Security Quick Quiz

Complete the following questions to determine your risk potential. (View Only)

| Question | Yes | No | Don’t Know |
|---|---|---|---|
| 1. Do you have a written Security Management Plan that describes your overall Security Program in detail? | | | |
| 2. Have you had a technical & non-technical security evaluation in the past two years? | | | |
| 3. Do you have information access management procedures for: | | | |
| • Administrative Access to PHI? | | | |
| • Physical Access to PHI? | | | |
| • Technical Access to PHI? | | | |
| 4. Do you do regular security training of staff? | | | |
| • Do you train staff on protection from malicious software? | | | |
| • Log-in monitoring? | | | |
| • Password management? | | | |
| 5. Do you have a formal privacy and security incident response procedure? | | | |
| • Are staff sufficiently trained in the procedure to immediately implement it should a security breach occur? | | | |
| 6. Do you have a detailed Contingency Program that includes: | | | |
| • Data Backup Plan? | | | |
| • Disaster Recovery Plan? | | | |
| • Emergency Mode Operation Plan? | | | |
| • Testing and Revision Plan? | | | |
| • Applications and Data Criticality Plan? | | | |
| 7. Does your Business Associate Agreement include adequate security protection language? | | | |
| 8. Do you have procedures for device and media re-use and disposal? | | | |
| 9. Do you have adequate data integrity controls on your systems? | | | |
| 10. Do you actively monitor your system activity for intrusion? | | | |


If you answered “No” or “Don’t Know” to any of the above questions, your organization may be at risk of:

• Failure to meet HIPAA security regulatory requirements.
• Potential impact on quality of care and patient safety from lack of security safeguards for the health information you use to treat your patients.
• Negative impact on your pocketbook if unlawful disclosure should occur in your organization. One healthcare system recently spent $500,000 just sending notices to their patients contained in a database that was breached. They also provided one year of credit monitoring for the 1.5 million patients affected by the security breach.
• Harm to reputation and loss of patient trust in your organization’s ability to secure their personal data.

For More Information:

For more information on how Just Associates’ HIPAA Privacy and Security Consulting Services can help, call 303.693.4727 or click here.