HIPAA Compliance | NAVEX Global

Addressing HIPAA Compliance

The privacy and security of patient healthcare information is important and, with the launch of the Healthcare Insurance Portability and Accountability Act (HIPAA) of 1996, it’s also the law. Healthcare organizations, HIPAA-covered entities, and business associates must comply with the information privacy and security protocols outlined in the HIPAA guidelines. This includes ensuring Protected Health Information (PHI and e-PHI) standards are applied across all physical, network and process security measures.

Fines for violating HIPAA’s medical privacy standards can range anywhere from $100 to $50,000 per violation, and reach up to $1.5 million dollars per year for each violation. Over the last few years alone, HIPAA compliance enforcements have hit $20 million dollars. With personal and protected information becoming more of a priority for individuals as well as regulators, HIPAA covered entities need to fully understand how HIPAA regulations apply to their organization.

See How HIPAA Compliance Training Can Help

What you need to align with HIPAA regulations

Medical Privacy Policies & Procedures

A process to manage policy creation, approval and employee attestation for all applicable HIPAA regulations

Corporate-wide Awareness

A communications plan that informs employees of their HIPAA responsibilities and provides tailored instruction to employees in positions of high risk

Incentives & Disciplinary Measures

Malicious or accidental violations of HIPAA security must be met with appropriate consequences, and proper HIPAA compliance should be acknowledged and rewarded when applicable

HIPAA Compliance Training

Effective compliance training should include regular tests for understanding and completion tracking to ensure commitment to HIPAA responsibilities

HIPAA Security Violation Reporting

Comprehensive whistleblower hotline and incident management processes to ensure proper and timely reporting of potential HIPAA compliance violations

Supply Chain Alignment

HIPAA medical privacy standards must be practiced by each third party responsible for handling PHI on behalf of the organization

Our latest benchmarking reports

2018 Hotline and Incident Management Benchmark Report

2018 Hotline & Incident Management Benchmark Report

Compare your employee reporting metrics and measure your compliance program & organizational culture against 4.5 million reports. Get answers to questions like: Are your employees likely to speak up? Are there reports of misconduct you’re missing? Does fear of retaliation encourage external reports?

View the report

2018 Policy & Procedure Management Benchmark Report

Compare your policy and procedure management program to industry standards and identify where your program needs improvements. Read the top challenges policy management programs face in 2018 and expert recommendations on meeting those challenges.

View the report

2018 Ethics & Compliance Training Benchmark Report

Our annual compliance training benchmark report will help you measure, evaluate and evolve your compliance training program's maturity and effectiveness, and benchmark against 1,200+ of your peers. This year we've taken a more holistic look at overall ethics & compliance program direction, trends and performance, while also maintaining a focus on training programs.

View the report

2018 Third Party Risk Management Benchmark Report

2018 Ethics & Compliance Third Party Risk Management Benchmark Report

An effective third party risk management program is in the interest of all organizations—regardless of size, industry, and number of third party providers. Our 2018 report will help you benchmark your vendor risk management program and its performance against trends in the market and best practices.

View the report