HIPAA Remediation in the area of security
is about getting launching projects to address gaps
identified. After gap analysis is complete, it is
time to begin prioritizing remediation targets.
Start on the "quick hits." "Quick
hits" can be anything that your organization
is confident will require little resource and will
demonstrate progress toward your goals.
Problems exist in a variety of states and influences.
They will not all be of the same priority. Some
problems will involve relatively flagrant or obvious
violations of HIPAA privacy mandates. These will
generally need to be addressed high priorities.
Identify resources to work through these issues
first.
After identifying resources to address the highest
priority and easiest issues, schedule resources
to address the longer-term remediation targets,
as well as those of lower priority or of lesser
risk.
After remediation, verify that the project work
is satisfactorily completed, and then determine
compliance (possibly use a third party to verify
compliance) and communicate compliance status.
For more information about HIPAA Academy’s
consulting services, please contact Lorna Waggoner
at (877)899-9974 x17 or Lorna.Waggoner@ecfirst.com.
