HIPAA launches new initiatives each year, but they are doing so even more now that increase in technology related to healthcare information is ever growing. One of the many changes includes the HIPAA audit program, which is currently in phase two. The entities they are planning to audit are decided based upon the size of the entity and their affiliations with other healthcare organizations. As these new initiatives are put into place and the auditing begins, let’s take a moment to highlight a few key things to remember.
Compliance to HIPAA standards is important in the office, but is equally important out of the office. Many people use laptops, tablets, and smartphones to access data, but doing so from an unsecured device can have harsh consequences later. As it relates to healthcare, there has been a huge shift to using electronic medical records, which makes keeping this data secure more difficult. Treat all patient information as sensitive, and be careful of who has access to it. If you are ever concerned about the security of electronic medical records, contact your medical IT support team for more information. Some physicians must access patient information while on the go, or from a smartphone or tablet. However, do so with caution and check with HIPAA standards to be sure it is allowed. If sensitive patient data is ever leaked and traced back to you, you could face some serious consequences.
Physicians also have many vendors that are in and out of their practice. HIPAA applies to those vendors and contracts as well. Make sure everything is secured by passwords so that the chance of theft of sensitive patient data is kept to a minimum. If vendors are to deal with patient data in any way, be sure they have the proper HIPAA standards in place to prevent theft from any of their employees, other vendors, or outside individuals. Remember that everything is traced back to you as the medical professional.
The standards put in place by HIPAA are required, but how you choose to handle implementation is left up to your discretion. While this may seem confusing, it is always best to go above and beyond to avoid any “accidents” or surprises. Keeping up to date on new HIPAA initiatives is a good way to have all your bases covered.
Never hesitate to be in frequent contact with your medical IT support team to ensure that password protected data is always that, protected. In fact, you would probably be surprised to know that nearly 90% of all healthcare providers experience some type of data breach within a two-year period, and we’ll be that they all thought they were perfectly protected. Threats to cyber security happen all the time, and those who do it are getting better and better at it. It is up to us to be aware of the threats, and to be doing everything possible to stay protected.
Articles used for research: