Under the HIPAA Privacy Rule, healthcare providers are required to protect and keep confidential all personal health information for patients. It is imperative for clinicians and staff to proactively work to ensure HIPAA compliance at all times!
HIPAA violations can carry fines as high as $50,000 per occurrence, and a maximum annual penalty of $1.5 million per violation. To make compliance easier for you and your staff, here is a list of 5 common HIPAA violations and how to avoid them:
Unsecured Medical Records
All documents with protected health information (PHI) should be kept in a secure location at all times. The same goes for digital files. A locked filing cabinet or desk is the best place for physical documents, while encrypted or password-secure documents are the best place for digital files.
Lost or Stolen Devices
Store any devices with electronic patient information in a secure location and make sure all devices are password protected and encrypted. Mobile devices are the most vulnerable to be lost or stolen because of their size. You can be fined in cases of patient data accessed through lost or stolen devices.
Hacking
Hacking is always a threat and all physicians need to protect their medical practices. Keep antivirus software up to date and activated, use firewalls, and change passwords frequently.
Employee Sharing of PHI
Be cautious of discussing patients with friends or coworkers after work. If PHI needs to be discussed, it should be done privately and only with appropriate staff. Make sure all staff members know this and caution them to always be aware of their surroundings, and to always avoid sharing any patient information with friends or family.
Home Computer Access
Sometimes, physicians and nurses may use their home computers or laptops to access patient records to follow-up on notes after hours. Leaving that information up on a screen and walking away from it can result in unauthorized viewing of PHI by family or friends. Be extremely cautious with data, use password protection, and keep screens out of sight!
These are just a few of the many situations in which a HIPAA violation can occur. You should have your patient’s privacy at the top of your mind in all situations!