Our Products can help your organization stay educated and compliant. Shop Now >

Insights

OCR Recommends That All Agencies Evaluate Their Cybersecurity Response Capabilities

Posted on Friday, October 14, 2016 7:57 PM

The HHS Office for Civil Rights (OCR) has recommended that all agencies and other entities need to indicate whether they’re capable of responding to a cybersecurity incident. If agencies do not follow these steps to secure electronic patient information, then it will most likely result in a violation of HIPAA.

According to a recent survey, the results concluded that 43% of respondents lacked formal cybersecurity incident-response plans and procedures. The survey also pulled the results that 61% of respondents have dealt with a data breach in the past two years.

The guidance includes the following recommendations that covered entities and business associates:
• Have an incident-response plan
• Make sure the incident-response policies and plans are approved by management and reviewed annually
• Include processes that prepare for cybersecurity incidents
• Build relationships and lines of communication
• Staff the incident-response team with people who have the skillsets
• Train staff to “be effective in their roles”

The following steps are available to help protect your agency:
• Protect your electronic patient information
• Develop policies and procedures to address cybersecurity
• Review your cybersecurity response policies, plans and procedures annually
• Ask your electronic health record and other health IT vendors about the cybersecurity capabilities of their systems
• Understand that OCR considers a security incident
• Document all of your plans, policies and procedures
• Use free or easily available resources when you can
• Make sure your business associates have cybersecurity protections in place

For the full article, please see the October 17, 2016 Home Health Line Edition.


About Corridor

Corridor is a trusted home health and hospice consulting partner to agencies both large and small. We provide the most up-to-date comprehensive homecare industry educational resources and consulting available.

We specialize in delivering better revenue cycle management solutions, coding and documentation review services, regulatory compliance, and healthcare consulting.

For the most important industry updates and news that impacts home health and hospice, please make sure to sign up for our weekly newsletter to receive the latest up-to-date industry information direct to your inbox!

For additional information, please contact Corridor at 1-866-263-3795

Go Back