Many years ago, I watched my “abuela” (grandmother) mixing a batch to cook pancakes. She didn’t follow a written recipe, but she knew what to add, when, and how. Those pancakes were amazing but regretfully the recipe was lost after she passed away.
Now as I look back, I wish I had a step-by-step guide to tell me what to mix and how to cook them. I learned from this and now have my own pancake recipe that my grandkid loves. Yet, I’m making the same mistake as my abuela, so I have to take time to write it down.
Just like in this scenario, HIPAA requires that we write step-by-step instructions on how we plan to secure our workplace. We refer to this requirement as implementing policies and procedures. In fact, as I read these policies I always think about the applicability to my own environment as the main goal of these policies is to keep us in a safe and secure environment.
Bottom line, while HIPAA’s policies and procedures will not end up in a great breakfast at least they will give me a little peace of mind.