Common HIPAA Violations
Are you familiar with HIPAA and how it works? What happens if it is violated? There are fines that reach up to $50,000 per occurrence. These violations can be committed by any healthcare professional, including a healthcare auditor during a medical records audit. Here at Joyce, CPA, in Cutler Bay, we are here to ensure that your information is protected. Nobody wants their tax information breached, since this can lead to further issues down the road.
With HIPAA violation fines reaching up to $50,000 per occurrence and a maximum annual penalty of $1.5 million per violation, it is important for medical practices to ensure they are HIPAA compliant at all times. And while all possible HIPAA violations should be considered potential threats to your medical practice, some are more common than others.
Because HIPAA regulations are complex and ever-changing, it’s hard to stay up-to-date on the latest changes and common violations. By ensuring your staff is well-trained on HIPAA compliance and understanding which violations occur most often, your practice can more adequately protect against instances of violations.
Types of HIPAA Violations During a Medical Records Audit
We have compiled a list of the most common HIPAA violations. We want you to be aware of what is possible so you can keep an eye out.
- Keeping Unsecured Records
  - Physical files containing PHI should be locked in a desk, filing cabinet or office. Digital data should require secure passwords for access, in addition to being encrypted whenever possible.
- Unencrypted Data
  - Encrypting the data is an added protection if a device containing PHI is lost or stolen. It offers an additional layer of security if a password-protected device is somehow accessed, such as through hacking.
  - Keeping antivirus software updated and active on all devices containing ePHI is a great place to start, as is using firewalls.
- Loss or Theft of Devices
  - When devices containing ePHI are not stored in a secure location at all times, they are subject to the possibility of loss or theft.
- Lack of Employee Training
  - When it comes to training employees on HIPAA regulations and compliance, it’s important that every employee who comes in contact with PHI be thoroughly educated.
- Gossiping or Sharing of PHI
  - Medical practice employees with access to patient PHI need to be careful about the information they share with others.
- Employee Dishonesty
  - Although not always done with a malicious purpose, when employees try to access PHI that they are not authorized to view, this is a HIPAA violation.
- Improper Disposal of Records
  - If any of this information is left lying around in a trash can, in a computer’s recent files folder, etc., it could get into the hands of the wrong person, and this would be a serious HIPAA violation.
Keep your medical practice staff well-educated on HIPAA regulations, and make sure your policies and procedures reflect the most recent rules associated with the law. Train them to be careful with records containing PHI, and to share PHI only with those authorized. Otherwise, you may end up with a hefty fine, or even jail time. As a healthcare auditor, you need to be aware of all the precautions.
Contact Us Today
Understanding common HIPAA violations now avoids a major headache in the future. Here at Joyce CPA, LLC, we are your resource to keep you following all the rules and keep your business running! We are conveniently located in Cutler Bay, FL. Call or contact us today for more information. We are experts in medical records audits performed by a healthcare auditor.