I hope you enjoy reading this blog post.

If you want my team to just do your IT services for you, click here.

2017 HIPAA forecast: 3 important reminders

by | 0 comments

Although totally necessary, data privacy regulations are often a gigantic headache. And king among the various compliance standards is HIPAA. Despite the legislation’s enactment back in 2003, the rules governing electronic medical records and protected health information continue to change and evolve every year. Let’s take a moment to go over three things you need to remember for HIPAA compliance as 2017 unfolds.

Compliance leaves the office with you

When you take your phone, laptop, or tablet with you — as you return home, or go to a meeting outside your office or a seminar out of state — your data needs to get the same treatment it does inside the office. If you access data from unsecured devices or connections, you could be looking at stiff penalties when audit time rolls around.

As an extension of this principle, business partners with any involvement in your data storage, transfer, or protection are also required to employ best practices. If you have a legal firm on retainer with access to your network, it’s your responsibility to ensure that firm also adheres to compliance rules. Business Associate Agreements are the best way to shield yourself from mistreatment of data by a business partner, and they should be reviewed at least every year.

Most “optional” measures…aren’t actually optional

Confusingly, HHS’s Summary of the HIPAA Security Rule page has a heading titled Required and Addressable Implementation Specifications. The synopsis can be interpreted as, “Although we listed some safeguards as addressable, we actually mean that they have to be implemented. But how you do so is up to you.”

2016 saw a massive uptick in the number of HHS audits and the fines the government entity doled out. Consequently, whenever safeguards or measures allow for wiggle room or subjective interpretation, we always recommend going above and beyond. Compared to fines that soar into the millions of dollars, hiring a managed IT service provider is more than worth it.

This is about more than being “careful”

Some providers are quick to point out that compliance is about stringent safeguards to prevent even the tiniest of breaches. How do you think those practices would respond if you told them one Ponemon survey found that 90% of healthcare practices experienced a data breach during a two-year period?

Managing cyber security is becoming a problem for organizations in every industry. Business owners need to acknowledge that the threats are real, and that solutions must be exhaustive. In fact, most states have enacted their own variation of patient privacy legislation. So if you’ve found a thorough walkthrough of compliance written by someone located in another state, that’s not going to cut it.

To confidently achieve HIPAA compliance, you need IT technicians with experience adapting to years of changes to this complicated legal framework. Call us today so we can help you secure and manage your electronic medical records and protected health information.

Published with permission from TechAdvisory.org.
Source.

Written by

Varay

About

Our blog provides actionable IT insights that empower you to enhance your company today. Keep up to date with the latest business technology, cybersecurity practices, and more by subscribing below!

Subscribe

Partner with Varay for IT Excellence and Business Growth!

Get In Touch

Partner with Varay or IT Excellence and Business Growth!

Your path to enhanced services and business growth starts here. Act now to elevate your IT experience with Varay!