How would your organization's senior management respond to CMS or OIG inquiries about health information security issues at your facility?
Does your organization have the documentation to demonstrate the existence of sufficient security protections or procedures that have been implemented?
If asked, do your employees understand their security-related responsibilities?
These are just a few of the questions that senior management may be asked by CMS or the OIG during a HIPAA security audit of your facility. This alert attempts to prepare providers to be in compliance by outlining the various HIPAA security rules and their implications.