Tag Archives: HIPAA

Ways You May Be Breaching HIPAA


Many physicians and healthcare practitioners find it difficult to critically analyze HIPAA, thinking of the phrase “HIPAA violation” mostly in terms of “financial penalty.” However, reality is that HIPAA exists to protect patient data. Remember, you may not be caught for the small HIPAA violations you do, and you may not get penalized for unintentionally breaking a rule. But why don’t you do everything in your capacity to circumvent any breaches at all?

Given the lengthy and complex to-do list most healthcare practitioners follow these days, you may think that HIPAA will be taken care of later on. However, you should bear in mind that when you take the risk to breach HIPAA, you are also putting your patients at risk in addition to potentially damaging your integrity and status as a professional.

Below is a list of the HIPAA violations you may be committing. Fix them right away!

1. Failure to Use Email Encryption

Hackers are always busy trying to get access to your emails, and if you fail or ignore to use email encryption, even for the apparently unimportant data, there are chances that hackers can get access to your patients’ information. Remember the case when hackers gained access to Sony Pictures’ data, and in 2014 the company declared that the stolen emails also contained employee medical data. You should immediately ask the relevant department for email security.

2. Leaving Paperwork Unattended

Using an EHR is a good method to safeguard patient data; however, you should be careful about paperwork, diagrams and forms that you may have from the days before you introduced EHR. Paper files are always at risk of theft, and leaving them unattended means that anyone can get access to the medical information of your patients. Always place paperwork in secure places. If you want to throw them away, make sure to scrap/shred them before disposing of them.

3. Emailing the Wrong Person

This is one of the common mistakes physicians and healthcare managers commit. However, the results are often horrific. You can risk your patients’ data and they would not trust you because you failed to verify the recipient email address before sending out an email. You should always double-check recipient addresses before sending emails to be on the safe side. Better safe than sorry!

4. Disclosing Patient Information in the Waiting Lounge

If you discuss patients’ information in the waiting lounge or at the check-in, or if you are maintaining a board to record the day’s appointments, you are violating patient privacy. Always make sure to discuss patient information, including information you consider trivial, in private and communicate the same to your staff.

Remember to be careful even if you’ve never been fined for violating HIPAA provisions. Breach of patient information can ruin your career and put your patients at risk. Therefore, you should make sure to handle each patient’s data with a high level of regard and care.

What To Ask Your Telemedicine Vendor


There are a number of options to choose from when it comes to telemedicine. Having a huge variety is a good thing, however it also makes it difficult on some people to pick the right one at times. Choosing the right vendor involves serious consideration, here are the most important aspects that you must enquire about.

1. What are the initial and maintenance costs?

Ask all details of the pricing and any maintenance costs, setup costs, monthly fees. You might need extra data storage in some cases. To make sure you budget properly, it is very important to be clear about all kinds of costs involved.

2. What kind of training packages do you offer?

Training the staff to incorporate the new systems into their work is essential. The vendors often are the best options for training. Ask the vendor their terms and costs of training.

3. Is the platform HIPAA/ HITEC compliant?

Data security is imperative in healthcare systems, the solution must be 1005 secure and HIPAA compliant. This is because there is confidential and personal information stored on the cloud, which must be kept safe and secure.

4. Is the system accessible via mobile?

Mobile access is needed in order to provide patients treatment anytime, anywhere. Check whether the platform has a mobile app since the presence of an app makes things much easier.

5. Will the setup and management require a dedicated IT staff member?

User-friendly systems can be easily managed. If the solution is tailored to your workflows, it would be easy to maintain.

6. Is the platform cloud-based?

These systems are easier to install and manage; they require no extra data storage onsite.

7. Do I need to purchase any additional equipment?

When evaluating your options, consider if the system will need additional equipment to be set up. Enterprise level systems are complex and often include additional equipment such as carts, telemedicine kiosks, screens, data storage, etc.

8. Does it have live conferencing and what is the video quality?

Video quality depends on the bandwidth of the patient and hospital, but at a minimum the system should have HD video when the bandwidth permits.

9. Is ePrescribe enabled on the platform?

ePrescribe capabilities can be a big bonus and can enable the doctor to send prescriptions directly to the pharmacy.

10. Is patient billing supported?

An integrated billing module will make your workflows more efficient.

11. Do you offer patient marketing solutions?

If the healthcare facility does not have proper marketing staff, the vendor can help provide the marketing resources to communicate the benefits of the new system.

12. Can it be used with EMR?

Enquire how the solution will work with your EMR and whether telemedicine visits can be imported to your EMR.

13. Is reimbursement possible?

Ensure that the vendor is familiar with reimbursement procedures. The direct-pay model is normally used; reimbursement options must also be explored.

14. What level of technical support do you offer?

All systems will face glitches and errors, the vendor can help resolve these.

15. Do you provide a client success team?

A client success team can help you set up, provide training to staff and get the system up and running.

Once you have answers to all these questions, you can compare your options and see the one that fits your requirements the best. However, it should be remembered that a vendor that offers all these services may be a little more expensive.