During the COVID-19 nationwide public health emergency, the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) has been “committed to leaving no one behind during an emergency,” while continually delivering guidance “designed to help healthcare providers meet that goal,” according to Roger Severino, the Director of OCR. So it should come as no surprise that they have been releasing a steady flow of HIPAA-related COVID -19 updates, delivered in the form of guidance, bulletins and resources.
While their efforts have no doubt allowed millions of Americans to receive the care they need, sometimes the constant influx of guidance has felt like we’re left drinking from a firehose.
And now, as we head into the annual HIPAA Privacy and Security risk assessment season, you might be wondering where and how to properly assess your risks, as they relate to new changes in government regulations, facility operations, and patient care. Conducting an annual HIPAA Risk Assessment is nothing new for the seasoned compliance professionals in the Healthicity community, but beyond conducting your SRA each year, it’s important to remember one of the key principles to an effective annual security risk assessment is identifying new security risks that have been created or evolved based on changes to your business since the prior risk assessment. And oh, how our risks have evolved this year.
So if you have questions about how to approach your RA this year, you can breathe a sigh of relief. Because on Wednesday, September 30, we’ll be hosting a brand-new webinar, “How COVID-19 Has Exposed Your Organization to HIPAA Compliance Risks,” where we’ll help you identify and solve for new risk areas, including:
- Widespread Use of Telehealth Technologies in the Era of COVID
- Novel Collection Sites of PHI in COVID Testing, Including Parking Lots
- Integrating New, Part-time, or Temporary Employees for COVID Surge Planning