The Outpatient Ophthalmic Surgery Society outlined four ways ophthalmic ASCs can be HIPAA compliant in a recent webinar.
Here are the key insights they shared:
1. ASCs must make HIPAA compliance part of their company culture.
2. Administrators should encourage business associates to practice technical due diligence, and supply proof they have proper protections in place to protect shared data.
3. Even if ASCs have policies, procedures, manuals or have paid to have employees trained in HIPAA compliance, that doesn't mean the practice is compliant.
4. Having a security risk assessment done is not the same as being HIPAA compliant.