HIPAA Security Implementation, Version 1.0
5.5 BEST PRACTICES
-
Post the Privacy Notice as required by HIPAA Privacy Rule
-
Provide individuals with an internal complaint process to discuss their concerns about how their protected health information is handled.
-
Provide an employee suggestion box to improve safeguards surrounding protected health information
-
Establish internal control procedures to ensure policies and procedures are being consistently implemented
-
Let employees know the consequences for non-compliance with HIPAA can result in termination
-
Document all changes to your HIPAA policy and procedure implementation plan.