Let’s look at the 11 most common HIPAA Violations. Your organization needs a better understanding of what you should and shouldn’t do so that you don’t face a breach.
Lack of Employee Training
Nearly 1/4 of healthcare workers don’t receive the HIPAA training that they need. Employee education and training can help your organization avoid all of the common violations on this list.
Mishandling of Medical Records
Mishandling paper medical records increases the chance that protected health information (PHI) will be left exposed for unauthorized people to see. Leaving computers unlocked also poses a risk. Locking your computers when not in use ensures protection of electronic records.
Using Insecure Technology
As we use more digital health information, medical records are more susceptible to breaches.
Using insecure technology to share PHI is a huge risk and should never be done, because it’ll expose your organization to a breach.
Hacking and Malware
PHI records are worth 100 times as much as credit card numbers on the dark web.
So hackers are intentionally seeking this information. It’s so important to have anti-virus, anti-malware, and firewall software installed on your devices to help protect against hackers.
Lack of Authorization and Proper Signatures
Some employees will carelessly release PHI because they don't know what's required in order to release it in the first place. Uses and disclosures of PHI require written consent by authorized individuals when the PHI is not being used for treatment, healthcare operations, or payment.
Incorrect Information
It’s simple: double-check or even triple-check that you are releasing the correct patient’s information.
Improper Storage and Disposal of PHI
While people probably don’t go through the garbage searching for PHI, it’s definitely a best practice and recommended that you dispose of it properly through shredding, destroying, and hard drive wiping.
Lost or Stolen Devices
Human error is uncontrollable and you can’t really prevent a device from being stolen in the first place. Your organization must have the proper safeguards in place so that the PHI on these stolen devices is not exposed.
Misuse of Social Media
Using more social media increases the chances that a patient’s photo will be shared on the internet. Employees must be cautious about what they post on social media, ensuring that it doesn’t include anything regarding patients.
Casual Conversation
Stories about patients may be fun and interesting but discussing PHI is always off-limits. This includes gossiping about patients to friends, family, or even co-workers.
You never know who might be listening or what they might tell someone about.
Celebrity File Lookups
Not only can talking about patients be interesting, so can snooping into their files. This is very common with celebrities in particular. Even with no intention of sharing the information, it’s still a breach if you look at files without authorization.
HIPAA violations can be disastrous to a practice. Compliance is not a suggestion, it is mandatory and non-compliance can be very costly. Don’t risk it! Cash Flow Strategies, Inc. is pleased to work with PCIHIPAA and OfficeSafe to provide your practice with a full solution to compliance, training, and protection.