OSU completed its risk analysis in accordance with the requirements of the HIPAA Security Rule. The CHS risk assessment was completed in February of 2005 and subsequently risk assessments were completed for the Wellness Center and UHS in Spring 2005. Risk Analysis documentation is held in the Contingency Plan at each location and is subject to review as documented in the Contingency Plan.
Several challenges for compliance were identified and mitigated. The result was the formation of a working security committee to address each standard and the implementation specifications related to the standard.
Assignments were made based on each committee member’s job category. The affected members were tasked with reviewing existing policies and procedures for compliance; then editing existing policies and procedures as needed and developing new ones as appropriate. |
