Nfp Benefits Compliance Podcast

In this episode, Chase Cannon and Suzanne Spradley discuss employer compliance with the HIPAA privacy and security rules via lessons learned from three new HHS HIPAA settlement announcements. Chase leads off with a high-level review of the HIPAA rules for both fully and self-insured plans and the importance of safeguarding protected health information (PHI). Chase and Suzanne discuss the background and scenarios that led to the HHS investigation, how unauthorized access to PHI arose in the three settlement scenarios, and the importance of employers running a HIPAA risk assessment to get ahead of potential HIPAA problems. Chase and Suzanne share practical tips on HIPAA compliance, including training employees, involving IT and Technology teams when developing policies and procedures, and controlling access points (servers, emails, etc.) to electronic and physical PHI.