Find your HIPAA hat and put it back on -- the one you wear to tackle complying with the Health Insurance Portability and Accountability Act. There's another HIPAA deadline coming down the pike.
Unless CMS decides otherwise, covered entities -- and that most likely means your practice -- must be fully compliant with the HIPAA security rule by April 21, 2005. This portion of HIPAA focuses on safeguarding patients' protected health information that is created, maintained or transmitted electronically.
If you need help, consider purchasing an Academy resource that aims to ease your trek along the latest compliance trail.
The HIPAA Security Rule Manual: A How-To Guide for Your Medical Practice was developed specifically for small medical practices and offers a 22-step guide to compliance.
"For now, I'd advise physicians to read the manual and be familiar with the security rule," said David C. Kibbe, M.D., director of the AAFP's Center for Health Information Technology.
Physicians would do well to conduct a risk analysis for their practices soon, a task made easier by using a comprehensive checklist available in the exhibits section of the manual, advised Kibbe. "It's important to identify the security risks in your information systems early on and learn how to eliminate those risks to become compliant with the security regulations in the future," he said.
You can download the 138-page security manual at http://members.aafp.org/members/cgi-bin/hipaa_security.pl in either a PDF or text format (the text format allows the user to customize the sample forms). The cost is $50.
FP Report is published by the
AAFP News Department.
Copyright © 2004 by
American Academy of Family Physicians.