Let’s address the (ahem …) hippo in the room. HIPAA compliance continues to be a real challenge for small and midsized businesses.
HIPAA is an acronym for the Health Insurance Portability and Accountability Act, which has very specific rules and regulations around a patient’s health information.
Larger healthcare organizations – hospitals and insurance companies – have in-house information technology teams, but smaller businesses don’t have the same depth of IT help on hand. Yet they must abide by the same rules.
Risking a HIPAA violation can be costly. Fines reach up to $50,000 US dollars per occurrence.
Common violations include:
Keeping records unsecured. WellPoint didn’t secure an online health database and paid $1.7 million
Not encrypting data. The Massachusetts Eye and Ear Infirmary failed to encrypt physicians’ laptops, which led to a $1.5 million fine.
Loss or theft of devices containing personal health information (PHI). A pediatric practice in Massachusetts lost a flash drive and settled for a $150,000 fine.
Failing to train employees in HIPAA compliance. A Walgreens in Indiana breached a single patient’s privacy and paid her $1.44 million.
Disposing of records improperly. Affinity Health Plan paid $1.2 million after failing to erase the photocopier drives before returning them to the leasing company.
Releasing information without authorization. Phoenix Cardiac Surgery posted a patient’s appointment on an online calendar and paid $100,000.
Disclosing PHI to third parties who do not have access rights. A medical practice in Phoenix sent patient data over insecure email and was fined $100,000.
Tips for HIPAA Compliance
Be aware of HIPAA requirements. Smaller businesses can have a tougher time remaining up to date on technology and guidelines. But that doesn’t make them any less accountable for understanding HIPAA compliance. It’s important to do the research and get educated, or partner with an IT provider with the expertise to prevent possible violations.
Embrace encryption. If your business deals with any confidential information, encryption and firewalls are necessary. Prevent outside traffic from accessing your systems. Ensure data can’t be read if there is unauthorized access. If there is a breach, or a lost or stolen device, the HIPAA penalties are reduced if encryption is used.
Protect all your endpoints. Any mobile devices that have access to patient data need to be secured. With mobile device management, for instance, you can lock down and wipe lost or stolen devices.
Err on the side of caution. Employees gossiping over coffee in a dentist’s office could share patient information, or someone might be sending an email with unencrypted data, or a health announcement with recipient names visible. All these are HIPAA violations. Humans will make mistakes, yes, but it’s less likely if you educate about regulations and the importance of being careful.
Get a HIPAA Check-Up
HIPAA has been around since 1996. In 2005, regulators got more serious about electronic versions of PHI. Yet there are still some businesses out there with only a vague idea of what it means to be compliant.
Heavy hitters in healthcare already take HIPAA seriously. You should, too. So, you haven’t been audited yet, but that doesn’t mean you won’t be. A $50,000 HIPAA fine could make the difference in your business staying afloat another year.
HIPAA compliance is critical for many organizations. Set policies and procedures. Put in place security awareness training. Start using encryption, and assess for risks.
Be proactive with your IT management. By working with IT experts, you can stay on top of HIPAA and remain complaint. A managed services provider can assess risk, identify improvement areas, and propose new tech.
Call us at 570-243-9205 to get your IT and access management policies in healthy shape.
We found it very easy to work with Underdog. He gave a very clear and professional quote, he has been promptly responsive in all communications, and the network is working great. I feel very good about using his company for any future IT needs for our business.
Pam Watkins, Forks Bistro
Barton Heights had a very successful computer upgrade due to Underdog. I met with him 2-3 months before the project and he gave us an estimate of the entire upgrade process involving 31 computers and a server. He advised us and placed the order. He also worked with us and ended up revising the estimate twice to completely satisfy our computer upgrade needs. He added true value to his service as he was willing to perform the upgrade in the evening when we were closed to minimize our down time as we are a paperless business and rely 100% on our computers. Carmine stepped up and took care of those problems as well, even though that was not his responsibility. He always responds quickly to any issue that occurs. I would highly recommend him to anyone!
Dr. Jeremy Wentz., Barton Heights Veterinary Hospital
I HAVE WORKED WITH CARMINE FOR MANY YEARS. HE HAS DONE EVERYTHING FROM NETWORK SERVER INSTALLATION TO PROGRAM TROUBLESHOOTING. HIS QUALITY OF WORK AND KNOWLEDGE ARE OUTSTANDING. YOU CAN ALWAYS COUNT ON Underdog TO WORK HARD FOR YOU.
Tim Stump, Shawnee Mountain Ski Area
Underdog makes you feel that you are his first concern if you have a Server down or you have a small printing question. We have been with Carmine for 16 years and have only received quality service.
Dee McConnel, Straub Metal International
Thank you Underdog. Will recommend you from the rooftops.
Law Office of Maria T. Candelaria, Maria Candelaria
12 years in business and I have been there and done that with other IT / Computer biz, and finally found one that listens, asks questions, and comes up with a plan.
If you are having issues or just want to see if there are options for and avenues of improvement for your computer / networking needs, checkout Underdog Computer and Network Support LLC.
There are some others that are good, but I cannot express the difference enough - they actually get it! Every business IS different with different needs and processes, and they take the time to find what is best for you instead of what they think is best for you!
Thank you, Carmine J. Corridore, for allowing me to have a stress free vacation this year! I look forward to working with you in the near future for some serious upgrades!
Carollee Streeter Kidd, CLK Transcription
"Underdog Computer and Network Support are amazing. They go over and above to help the small business owner Thank you Carmine for all you do"
Jennifer Narkavich, My Girl Managed Services - Marketing Consultant
Underdog Came out to install our Phone System. They made a complicated process easy. Brian Davis, Full Circle Removal.
Brian Davis, Full Circle Removal
We have used Underdog Computer and Networking for business and personal use. We have found them easy to schedule an appointment, very responsive, professional, and quick to isolate the problem and/or identify our real need. We highly recommend Underdog.