Takeaway for today: It is time to completely rethink the way you look at HIPAA Compliance requirements in your business. HIPAA Compliance has changed. It is no longer something you can just check off your list once or twice a year.
A practice administrator told me she uses the phrase One and Done often for the things she can just check off her list. “You know, if I do this one thing I am done with that project and ready to move on to the next. My plate is too full so I have to think what I can get done as a One and Done.” she said.
HIPAA has been for her, and many practice administrators, a One and Done for so many years it is hard for her to see the bigger picture that is now in front of her. Just as my previous articles have mentioned, the old HIPAA compliance documentation, review, and training work that you did One and Done once, or maybe twice, a year have gone the way of the dodo. Those who continue to work this way will have to change one way or another. Thankfully, the one I was talking with is changing her HIPAA compliance approach and looking at it as a more comprehensive part of normal day-to-day business instead of that thing to check off her list one time. By breaking HIPAA into projects instead of a whole, you can make smaller pieces be your new ‘One and Done’, just not all of HIPAA.