Looking for a Business Associate Agreement? Download our FREE starter template.
Total HIPAA Logo

HIPAA Compliance Must Be Updated As Technology Evolves

Jan 12, 2016

The HIPAA Security Rule was enacted in 2003. Since then, there have been two major changes to the Rule, first in 2009 with the HITECH Act and most recently in 2013 with the Omnibus Ruling. But, with the pace technology moves, HIPAA has had a hard time keeping up with the changing times. Since HIPAA was proposed in 1998, there have been many significant technology revolutions that have dramatically changed the way we socialize and do business. Here are just a few:

1995 – AOL.com launches
1998 – Google founded
2004 – Facebook founded
2005 – YouTube launched
2007 – First iPhone released
2009 – Cloud computing gains traction
2010 – Healthcare providers begin storing health records electronically

Even though the HIPAA Rules may not address the changing landscape of technology, it does give you a great framework to help your company navigate these uncharted waters.

How do you stay ahead of it all?

According to Tom Walsh, in his December 25, 2015 interview with Marianne Kolbasuk McGee for Healthcareinfosecurity.com 1, the three most important things HIPAA requires you to do are:

  1. Conduct a Risk Assessment
  2. Document your findings
  3. Work Your Plan

Your Risk Assessment is the first and most important step. This helps you identify any holes in your security plan. HIPAA requires this, and it is the first document HHS will ask for if you’re being audited.

Once you have your Risk Assessment, you must document your Policies and Procedures — both Privacy and Security. This is how you tell your employees how they should protect PHI in your company. If you don’t have a written plan, you don’t have a plan.

No plan is perfect out of the box. Your plan will continue to evolve as you hire new employees, adopt new technologies, and expand into new business ventures. You may find a specific procedure sounded great in theory, but when implemented, it just doesn’t work. That’s OK; be sure to document the changes! The key is to listen to feedback from employees, and be flexible as long as any changes aren’t compromising your Security!

To learn more about creating a compliance plan that meets your needs, checkout our Solutions today!

1. McGee, Marianne Kolbasuk. “Why the HIPAA Security Rule Needs Updating.” Gov Info Security. 21 Dec. 2015. Web. http://www.govinfosecurity.com/interviews/the-hipaa-security-rule-needs-updating-i-3021.

Sharing is caring!


Looking for a Business Associate Agreement?

Download our free template to get started on your path toward HIPAA compliance.

Download Now

Let's keep in touch.

Stay up to date on the latest HIPAA news, plus receive tons of free tools and info.

Navigating HIPAA Compliance in 2022

Watch the recording of this webinar to learn more about how you can become and stay HIPAA compliant!


Related Posts

Why Insurance Agents Need to Be HIPAA Compliant

Why Insurance Agents Need to Be HIPAA Compliant

The world of HIPAA compliance is often confusing and complex. It can be hard to tell what exactly the standards and requirements are and to whom they apply. Whether you’re an insurance agent or do...

Save & Share Cart
Your Shopping Cart will be saved and you'll be given a link. You, or anyone with the link, can use it to retrieve your Cart at any time.
Back Save & Share Cart
Your Shopping Cart will be saved with Product pictures and information, and Cart Totals. Then send it to yourself, or a friend, with a link to retrieve it at any time.
Your cart email sent successfully :)