HIPAA compliance is more than just keeping patient records locked up in a file cabinet. One of the largest areas for HIPAA violations is the computer systems and the internal network of a medical practice.
Top 10 HIPAA Violations
- Operating System Compliance
Security and Audit is required and must be managed by business class operating systems and servers. Home editions are not HIPAA compliant.
- Unprotected Data Storage
If your onsite and offsite data storage practices are not compliant with HIPAA-level security, you could be in danger of exposing your patient records.
- Employee Dishonesty
Protecting against dishonest employees or snooping is easily fixed with properly designed networks that use permission level access.
- Improper Disposal
Disposing of patient records incorrectly can be as simple as not wiping hard drives correctly when upgrading to a new system or not archiving properly.
- Third-Party Disclosure
You are responsible for the level of security your sub-contractors have if you are disclosing and sharing your patient EHR data with their systems.
- Unauthorized Release
Ensuring that you release records in a secure manner is critical to HIPAA compliance, and making sure you have the proper documentation to support your release is as well.
- Unencrypted Data
Protecting the EHR data you collect on your systems should mean that it is encrypted as well and protected from hacking and external breaches.
- Lack of Training
Employee training on HIPAA regulations and their responsibilities is a critical link to properly storing, archiving and releasing patient records.
- Unsecure Records
HIPAA requires that all electronic files and paper documents are encrypted and secure. Proper username and password configurations deter intrusions.
- Verbal Disclosure
Believe it or not, training on when and where staff can properly discuss patient records is important, and verbal disclosure is a possible breach.
If you are not sure if you are meeting all the regulations with HIPAA compliance, give us a call to schedule an onsite audit.