CMS is now the enforcement arm of the HHS for HIPAA and they’ve posted a sample interview/document request sheet.
You should already be prepared to answer questions like these if your security program is maintained well. It will be important to limit the scope (i.e. have a well-defined list of where EPHI - Electronic Protected Health Information - is stored) and it’s probably an even better idea to map the areas outlined against your policies and whatever standards you’ve built them against.
Technorati Tags: 
Recent Comments
6 weeks 13 hours ago
6 weeks 1 day ago
7 weeks 1 day ago
8 weeks 3 days ago
8 weeks 6 days ago
19 weeks 3 days ago
19 weeks 3 days ago
21 weeks 17 hours ago
22 weeks 2 days ago
23 weeks 19 hours ago