- All staff members are not assigned a unique identifier for system access
- Practice does not have in place policies and procedures to ensure an accurate and complete accounting of disclosures and a sample of your report to patients
- There is no documented confidential communications process in place
- The office does not have a documented list of all users (employees) with their job descriptions and level of access
- HIPAA required documentation is not kept for a period of 6 years (not to be confused with medical records)
- Lack of enforced sanctions policy
- You do not have a procedure, documentation or process for a patient filing a privacy complaint with the office
- Your staff did not apply Minimum Necessary standards
- Lack of yearly training of all employees
- your notice of privacy practices does not contain all the required disclosures
Where does your office fall in the above?
Wilson Technology Group is HIPAA CHP and CHSS Certified.
For more information on this and other topics , go to: www.wilsontechgroup.com