|
In today's hectic times, HIPAA compliance is certainly a priority. Take a look at the fines associated with ‘willful neglect' HIPAA violations, a category that went into effect on February 17 to gauge its importance. If the Department of Health and Human Services determines a willful neglect violation occurred, you can get hit with fines starting at $10,000 per violation. This is provided you correct the problem within 30 days. If a provider takes more than 30 days to rectify the violation, then the fines start at $50,000 per violation. Nail down the basics for risk analysis You can ward off crippling fines by carrying out a thorough HIPAA risk analysis in order to comply with the security rule if you have not already. The first step in the risk analysis is to look at the ‘big picture' to figure out potential risk points. Focus on these two high-risk areas Some of the most dangerous areas these days involve portable devices comprising protected health information. Little devices, big risks: As devices get smaller and more portable, the potential for lost or stolen or misplaced data goes up and so does the risk for a breach. As a matter of fact, identity thieves view health information data as the "highest quality" available for their purposes. Important: It is very important to secure the information on devices by encrypting it and also have the capacity to remotely wipe the devices clean, including laptops. To achieve the latter, you set the device so that next time it is turned on and the device calls home over the internet. The software can then tell the device ‘you have been stolen', which causes the device to eliminate its data. What's more, unsecured e-mail is also high-risk; copies can be left on mail servers or in unsecured areas. Be careful of remote access Remote access is yet another high-risk issue for providers that have staff or contractors who use computerized PHI offsite. For one, the PHI may end up on networks or computers that are not properly secured. Or an employee's family members may take a look at the information when they make use of the same computer. Even if you make the remote connection secure, once the data is on someone else's computer – it is outside. In order to avoid these risks, off-site workers should make use of a dedicated computer. And you can set it up so that the person accesses data over the web securely without being able to save or print the information. Do not forget this crucial compliance step: Auditing Skimping on the audit process can be a big mistake. You have to ensure everyone is doing what is expected based on policies and procedures, including managing risks related to portable devices and remote access. For more on this and for other tips to keep HIPAA concerns at bay, stay tuned to a medical coding guide like Supercoder.
Related Articles -
HIPAA concerns, Medical Coding,
| 
