Rarely does a day go by without hearing of a data breach. For dental offices that must follow HIPAA Regulations, and keep patient’s Protected Health Information (PHI) secure, this is a cause of concern.
As hackers and phishing artists proliferate, a lot is at stake. The bad guys want PHI because they can sell it. You want to protect PHI because you care about your patients and because it’s the law.
How Your Practice Can Be in Violation of HIPAA
No matter how careful you are with PHI, there are some missteps that could leave you vulnerable to an investigation by the Office of Civil Rights, which is in charge of overseeing compliance – or even an investigation by your state’s attorney general, who has the authority to bring civil actions on behalf of state residents for violations of the HIPAA Privacy and Security Rules.
Common Types of HIPAA Violations
1. Mobile Devices
If you allow the use of mobile phones or tablets, you must ensure that any patient data stored on them is encrypted or otherwise protected. This keeps the data secure even if the device is stolen.
2. Risk Assessment
HIPAA requires a regularly performed organization-wide risk assessment to identify possible vulnerabilities to the integrity, confidentiality, and availability of PHI. If you haven’t done this, you leave yourself open to many risks.
3. HIPAA-Compliant Business Associate Agreements
You must have signed agreements that appropriately safeguard PHI with all third parties you work with who may have access to or create PHI. Failure to do so is in violation of the law.
4. Unauthorized Access
If a staff member is curious about a patient and looks at the PHI without authorization, your practice is in violation. If you toss PHI records into the trash, you’re in violation. Safeguard your practice by implementing an authorization system and training staff in how to handle PHI.
Alarming Facts About HIPAA Violations
2 Tiers of Criminal HIPAA Violations
Even if you are not directly liable for a violation, you could be charged with aiding, abetting, or conspiring to violate the law. This can come with criminal fines – even prison.
- At the lowest level of HIPAA violation, you could be assessed a fine of up to $50,000 and/or up to one year in prison.
- At the higher end, your fine could rise up to $100,000 and/or up to five years in prison.
Keep PHI Safe in The Complete Cloud™
When you choose The Complete Cloud™, you’re protecting yourself from HIPAA violations – and the subsequent fines, penalties, hassles, and derogatory after effects.
Find out how we keep you and your PHI safe, and when you’re ready to take the next step, give us a call at 877-627-0787.