HIPAA violations can be quite costly as Advocate Health Care Network recently discovered. Advocate recently reached a settlement with the Office for Civil Rights (OCR) for the U.S. Department of Health and Human Services to the tune of $5.55 million, along with an agreement to develop and implement a corrective action plan after multiple violations of the electronic protected health information provisions the Health Insurance Portability and Accountability Act requires.
This settlement, while the largest, so far, for a single organization, is so large because it represents a long history and duration of the non-compliance and the exceptional number of people affected by the failure to comply as Advocate is one of the largest health systems in the nation.
The OCR is hoping that this will send a strong message to other medical practices, businesses, and entities that the time to conduct thorough risk analysis and take appropriate action is now.
What Steps Can You Take to Protect Your Business?
You do not have to be a large organization to be at risk for HIPAA violations. At the same time, being a smaller business doesn’t mean you have no tools at your disposal to reduce your risks. Consider the steps below to secure your protected patient information and records.
Create and implement protocols for physical security, technical security, and administrative security designed to protect electronic protected health information. Identify the risks. Then take action to reduce those risks in physical locations where information is stored and on all portable devices. You should also limit the amount of physical access available to electronic information stored in larger data support centers.
Consider biometric scanning, encryption, and other safeguards to protect information stored on laptops. They are becoming more and more affordable and provide an outstanding added layer of protection for electronic protected health information – and other private information.
Simple actions like these can help reduce your risks and correct any potential problems that may exist within your current handling of sensitive and private patient information.
If you’re not sure whether or not your current efforts to safeguard the private information of your patients are adequate, it’s time to seek outside assistance to ensure that you are taking every reasonable precaution to do so.
Global Data Systems, Inc. is a trusted leader when it comes keeping up with the latest trends in technology, tips, and news. Contact us at (888) 849-6818 or send us an email at info@GDSConnect.com to learn about steps you can take to protect protected patient information, your public trust, and your financial interests.