Anesthesia Business Consultants President and CEO Tony Mira stressed while HIPAA audits may be over, HIPAA enforcement is always ongoing.
He urged all practices and their business associates to be mindful of the administrative, technology-related and physical processes and procedures that safeguard health information under HIPAA.
Here's what you should know.
1. "Practices can't be too careful when it comes to HIPAA compliance," Mr. Mira noted in a blog post. He suggests practices conduct periodic security risk assessments and urges practices to have policies and procedures in place to safeguard patient health information.
2. Whenever a provider is in possession of protected health information, they are responsible for it, and if that information is left out, it could potentially violate HIPAA.
3. HHS' Office of Civil Rights has settled or imposed monetary penalties in 53 cases totaling more than $75.2 million since the HIPAA Privacy Rule went into effect in 2003. OCR has received 173,000-plus complaints and investigated more than 37,000 of them.
4. Mr. Mira listed the 10 most common HIPAA violations. They are:
- Employees disclosing information
- Medical record mishandling
- Lost or stolen devices
- Texting patient information
- Social media
- Employees illegally accessing files
- Social breaches
- Authorization requirements
- Accessing patient information on home computers
- Lack of training
To read more, click here.