Hello:
Welcome to our Covered Entity / Business Associate Omnibus ReadinessCheck™.
This is a tool to assist covered entities, business associates and subcontractor-business associates to plan their implementation of the Omnibus Final Rule, published in the Federal Register on January 25, 2013, which significantly amends the HIPAA/HITECH Act Privacy, Security, Breach Notification, and Enforcement Rules. This ReadinessCheck™ is intended to guide discussions regarding needed updates and revisions in addition to fundamental requirements for implementing an effective compliance program. Please refer to effective dates in the Rule for required compliance timelines.

Disclaimer
While all information in this document is believed to be correct at the time of writing, this document is for educational purposes only and does not purport to provide legal advice. The information provided here is for reference use only and does not constitute the rendering of legal, financial, or other professional advice or recommendations by eDocSecure. The listing of an organization does not imply any sort of endorsement and eDocSecure takes no responsibility for the publications of third parties. You should seek the advice of your own legal counsel concerning the impact of any regulation on your organization and your appropriate actions.
NOTE: Depending on the degree to which you make comments, this ReadinessCheck™ can take between 30 and 60 minutes. You may Save and Continue your Omnibus ReadinessCheck™ at a later time. Look for the Save and Continue text at the bottom of your survey.

In responding to questions, use the legend below:

"Yes" – Fully Compliant with the HIPAA Privacy and/or Security requirements in this question, including changes driven by The HITECH Act and Omnibus Final Rule; policies, procedures and practices implemented are aligned with the regulations, industry standards and best practices.

"In progress" – Partially Compliant with the HIPAA Privacy and/or Security requirements in this question, including changes driven by The HITECH Act and Omnibus Final Rule; there are a number of known/identified risks of non-compliance which the management team knows it needs to address.

"No" – Not Compliant with the HIPAA Privacy and/or Security requirements in this question, including changes driven by The HITECH Act and Omnibus Final Rule; requirements for appropriate and/or updated policies, procedures and practices are significant. There is not a credible plan in place to assure compliance in a timely manner.

"I Do Not Know" – I do not have information or knowledge to comment on compliance with the HIPAA Privacy and/or Security requirements and those driven by The HITECH Act and Omnibus Final Rule in this question.

"Not Applicable" – This particular provision of The HITECH Act and Omnibus Final Rule does not apply to my environment.

ACTION / RECOMMENDATION – If you indicate "No", "In Progress" or "I Do Not Know" for ANY of the compliance questions, it is likely that you are not in full compliance with the HIPAA Privacy and Security Final Rules, including changes driven by The HITECH Act and Omnibus Final Rule. Additionally, your entity and your PHI/ePHI are likely at risk.

Press "Continue" to get started...
 
 
 
First Name:
   
 
 
 
Last Name:
   
 
 
 
Company Name:
   
 
 
 
Company URL (e.g., http://ClearwaterCompliance.com):
   
 
 
 
Company Email Address:
   
 
 
 
FUNDAMENTAL COMPLIANCE REQUIREMENTS
 
 
 
Have you established a Privacy and Security Risk Management & Governance Program in accordance with 45 CFR §164.308(a)(1) and published statements by the Director of OCR?
 
Yes
 
In Progress
 
No
 
I don't know
 
Not Applicable
 
 
 
Have you completed, on a periodic basis, a HIPAA Security Evaluation (= compliance assessment) required at 45 CFR §164.308(a)(8)?
 
Yes
 
In Progress
 
No
 
I don't know
 
Not Applicable
 
 
 
Have you completed an authentic HIPAA Security Risk Analysis required at 45 CFR §164.308(a)(1)(ii)(A) and according to the HHS/OCR guidance?
 
Weekly
 
Monthly
 
Quarterly
 
Annually