Amen, Dwight! Good advice for those operating internally or externally...In addition to HIPAA training could I add, establish necessary policies and procedures for dealing with confidential health information in compliance with the privacy rule...maintaining information using methods that meet the minimum requirements articulated in the HHS model business associate provisions... confirm that physical and digital controls meet the minimum requirements of the security rule...establish an incident response plan as a part of breach notification requirements...etc. 

Best wishes,

Jim Booth
Records & Information Management Practice Leader

Brightstone Insurance Services, LLC
Direct - 919.323.3266
Direct Fax - 914.636.0802
Main - 877.862.4755 x 3266
[log in to unmask]

List archives at
Contact [log in to unmask] for assistance
To unsubscribe from this list, click the below link. If not already present, place UNSUBSCRIBE RECMGMT-L or UNSUB RECMGMT-L in the body of the message.
mailto:[log in to unmask]