HIPAA compliance is mostly seen as an annoyance by doctors, just another thing a practice owner is required to do. Don’t get me wrong, many of the requirements can be annoying: a 10-minute screen timeout, a new password every 90 days. It can be frustrating. The problem is, no one is thinking about the reason for all of it: the patients.
There are some clinics that don’t see value in becoming compliant. It costs money, and you’d rather spend time growing your practice. There is nothing wrong with that…until something happens.
The most common thing to happen to a clinic is physical theft, whether that’s a break-in at the practice or somebody stealing a laptop out of your car. It happens all of the time. If you read my <a href="https://www.linkedin.com/pulse/top-8-reasons-your-clinic-compliant-aj-bates?trk=prof-post" target="_blank">last post</a>, you would know that one of the most common reasons clinics are not compliant is unencrypted hard drives.
This is where this matters.
Someone breaks into your clinic, steals a computer that is not encrypted, and suddenly they have all of your patients’ sensitive information in their hands. First, you are required to report this to the Department of Health and Human Services. Second, you have to tell all of the affected patients.
The real sting will be losing the trust of all those patients you fought for. Then the Office of Civil Rights is going to hit the clinic with a heavy fine, up to $2 million, for being negligent with your patient data.
For example, Concentra Health Services was fined $1.7 million for a stolen unencrypted laptop containing patient data and for failure to properly encrypt hard drives and laptops, which compromised health records.
The biggest reason a practice owner should care about this is simply that they want to protect their patients. The reason HIPAA regulations are becoming stricter is that more clinics are being hacked. More and more people are having their identities stolen. Medical records are worth ten times more than credit cards on the black market.
Sorry for talking all doom and gloom, but HIPAA regulations are in place to protect your patients, not to annoy the doctors.
If anyone has any questions, feel free to email me, and if you are in the Minneapolis/St Paul area, I would love to grab a coffee and chat.