Infographic: HIPAA, We Have A Problem

Physicians engaging in compliance with standards established by the Health Insurance Portability and Accountability Act face uphill battles at their practices. Regulatory updates and technological advances shift faster than most facilities can evolve internal processes, leaving a wake of challenges to navigate with each transition.

Getting lost in translation

The Final Omnibus Rule from HIPAA was issued in 2013, but some healthcare providers remain unaware of the associated policy updates. Currently, 36 percent of medical office professionals lack crucial understanding of HIPAA's regulations, with an additional 33 percent failing to comprehend the audit strategies implemented by the U.S. Department of Health and Human Services' Office for Civil Rights.

As part of federal initiatives to reform the industry, healthcare professionals are instructed to conduct self-audits to ensure their patient health information is secure. However, only one-third of practices performed formal risk analyses to assess the potential for inappropriate disclosures of PHI. This is a very dangerous pitfall, especially considering the current proliferation of handheld devices at medical practices.

With only 1 in 4 providers cataloging at least three-quarters of their practices' electronic devices that carry patient data, physicians leave clinical information at risk of malicious leaks. This absence of accountability can pose a significant threat to revenue cycle management.

Decreasing the risk of fines

In 2013, 34 percent more HIPAA violations were discovered than in 2011. This indicates a startling drop in security measures designed to protect patients - and practices - from illicit electronic activity. In addition, maximum HIPAA fines have increased to $50,000 per violation, which would be on top of any secondary penalties from other agencies and organizations.

With annual fine total approaching $1.5 million, providers need to find the appropriate answers to mitigating risks with HIPAA violations. Approximately 56 percent of practices have appointed dedicated security offers to continually assess threats and prevent data leaks. However, 30 percent of clinical employees have not participated in HIPAA training sessions, which could lead to added layers of protection against hacking.

Practices need to have formal contingency plans in place to alert providers about breach notifications to prevent further loss. With only 45 percent of care centers claiming to have these fail safes in place, it is evident that more needs to be done to remain HIPAA compliant. Otherwise, practices could have more problems on their hands than implementing EHRs or patient portals for Meaningful Use.

Check out the infographic below to learn more!   

HIPAA, We Have A Problem [infographic]

Share this image on your site:

Kevin McCarthy's picture

Kevin McCarthy

Industry News Editor

An avid traveler and news junkie, Kevin covers a range of topics from healthcare technology to policy and regulations. As a former journalism student, he enjoys finding stories relevant to small practices and is passionate about keeping them informed. Before joining NueMD, Kevin worked for Turner Broadcasting as a Programming Intern where he conducted legal research and contributed to editorial content development. He received his bachelor's degree in Communication from Kennesaw State University and currently serves as the Industry News Editor at NueMD.

comments powered by Disqus