HIPAA Compliance Audit

HIPAA Security Compliance AuditHIPAA compliance is more than just keeping patient records locked up in a file cabinet. One of the largest areas for HIPAA violations is the computer systems and the internal network of a medical practice.

Top 10 HIPAA Violations

  1. Operating System Compliance
    Security and Audit is required d must be managed by business class operating systems and servers. Home editions are not HIPAA compliant.
  2. Unprotected Data Storage
    If your data storage practices onsite and offsite are compliant with HIPAA level security you could be in danger of exposing your patient records.
  3. Employee Dishonesty
    Protecting against dishonest employees or snooping is easily fixed with properly designed networks that use permission level access.
  4. Improper Disposal
    Disposing of patient records incorrectly can be as simple as not wiping hard drives correctly when upgrading to a new systems or not archiving properly.
  5. Third-Party Disclosure
    ou are responsible for the level of security your sub-contractors have if you are disclosing and sharing your patient EHR data with their systems.
  6. Unauthorized Release
    Ensuring that you release records in a secure manner is critical to HIPAA compliance, and making sure you have the proper documentation to support your release is as well.
  7. Unencrypted Data
    Protecting the ER data you collect on your systems should mean that it is encrypted as well and protected from hacking and external breaches.
  8. Lack of Training
    Employee training on HIPAA regulations and their responsibilities is a critical link to properly storing, archiving and releasing patient records.
  9. Unsecure Records
    HIPAA requires that all electronic files and paper documents are encrypted and secure. Proper username and password configurations deter intrusions.
  10. Verbal Disclosure
    Believe it or not training on when and where staff can properly discuss patient records is important and a possible breach.

If you are not sure if you are meeting all the regulations with HIPAA compliance, give us a call to schedule an onsite audit.