Ways You May Be Breaching HIPAA

7

Many physicians and healthcare practitioners find it difficult to critically analyze HIPAA, thinking of the phrase “HIPAA violation” mostly in terms of “financial penalty.” However, reality is that HIPAA exists to protect patient data. Remember, you may not be caught for the small HIPAA violations you do, and you may not get penalized for unintentionally breaking a rule. But why don’t you do everything in your capacity to circumvent any breaches at all?

Given the lengthy and complex to-do list most healthcare practitioners follow these days, you may think that HIPAA will be taken care of later on. However, you should bear in mind that when you take the risk to breach HIPAA, you are also putting your patients at risk in addition to potentially damaging your integrity and status as a professional.

Below is a list of the HIPAA violations you may be committing. Fix them right away!

1. Failure to Use Email Encryption

Hackers are always busy trying to get access to your emails, and if you fail or ignore to use email encryption, even for the apparently unimportant data, there are chances that hackers can get access to your patients’ information. Remember the case when hackers gained access to Sony Pictures’ data, and in 2014 the company declared that the stolen emails also contained employee medical data. You should immediately ask the relevant department for email security.

2. Leaving Paperwork Unattended

Using an EHR is a good method to safeguard patient data; however, you should be careful about paperwork, diagrams and forms that you may have from the days before you introduced EHR. Paper files are always at risk of theft, and leaving them unattended means that anyone can get access to the medical information of your patients. Always place paperwork in secure places. If you want to throw them away, make sure to scrap/shred them before disposing of them.

3. Emailing the Wrong Person

This is one of the common mistakes physicians and healthcare managers commit. However, the results are often horrific. You can risk your patients’ data and they would not trust you because you failed to verify the recipient email address before sending out an email. You should always double-check recipient addresses before sending emails to be on the safe side. Better safe than sorry!

4. Disclosing Patient Information in the Waiting Lounge

If you discuss patients’ information in the waiting lounge or at the check-in, or if you are maintaining a board to record the day’s appointments, you are violating patient privacy. Always make sure to discuss patient information, including information you consider trivial, in private and communicate the same to your staff.

Remember to be careful even if you’ve never been fined for violating HIPAA provisions. Breach of patient information can ruin your career and put your patients at risk. Therefore, you should make sure to handle each patient’s data with a high level of regard and care.