HIPAA – Ignorance is Not Bliss
“Man seems to insist on ignoring the lessons available from history.” – Norman Borlaug
There is a very difficult line that we walk here at the ICS. We do not want doctors to operate under fear, but we do not want them to ignore the consequences of inaction. We talk to doctors all over the state about many issues, and some of those issues surround regulatory requirements for your office. I have heard doctors give any number of excuses about why they are not doing things right and why they are not going to change.
Consequences of HIPAA Breaches
A doctor once told me when I informed him that he was violating HIPAA law, “I prescribe to the thought that things aren’t as bad as they seem.” So, the following is a sobering list directly from Health and Human Services regarding health care entity consequences resulting from recent HIPAA breaches:
Advertisement
- $2.5 million settlement shows that not understanding HIPAA requirements creates risk – An employee left a company laptop in a locked car, and it was stolen.
- No Business Associate Agreement? $31K Mistake – This was found in a random audit by HHS.
- Overlooking risks leads to breach, $400,000 settlement – A hacker accessed employees’ email accounts and obtained protected health information through a phishing incident.
- HIPAA settlement demonstrates the importance of implementing safeguards for electronically protected health information – A USB data storage device containing protected health information was stolen.
- UMass settles potential HIPAA violations following malware infection – A workstation was infected by malware.
Are you completely certain that your HIPAA procedures, policies, practices, and safeguards are up-to-date and defendable? If not, then please do not ignore these lessons from history. Spend some time and update your procedures and policies, educate yourself and your staff, establish high-quality safeguards and protect your practice. As burdensome as the consequences of non-compliance can be, sometimes the fixes are simpler than you think. Once you learn the steps you need to take, you may be surprised to find that an ounce of prevention is much easier than a pound of cure (or 31,000 pounds of cure). Here are a few resources:
