One of the very first HIPAA Security regulations, “Assigned Security Responsibility,” requires every Business Associate and every covered entity to have a designated HIPAA Security Officer.
Many organizations that I work with in my consulting practice seem to know that they need a Privacy Officer but not a Security Officer. And technically, Business Associates aren’t required to have a Privacy Officer (although they should anyway).
For the organizations that are aware of this required role, it’s often plagued by a “check the box” mentality with a lack of thoughtful consideration for the types of ongoing responsibilities that a Security Officer should oversee and maintain, and an understanding of where the Security Officer should be within the hierarchy of management, among other problems.
Watch this on-demand webinar, Supercharge Your HIPAA Compliance Efforts, to understand how the Security Officer role can play a critical part in securing the sensitive information under your care. Attendees will receive a free Security Officer Job description template!
- Why Does HIPAA Require You to Have a Security Officer?
- Do the Rules Require Any Credentials or Certifications for This Role?
- What Training is Available to Security Officers to Make Them More Effective in the Role?