Check out this top 10 list from Rachel Pope at Becker’s ASC:
1. Unsecured medical records: Patient medical records should be kept in a safe and secure location at all times. Physical files should be kept in a filing cabinet, and digital ones should be encrypted and password-protected.
2. Stolen and lost devices: Desktops, laptops, tablets and smartphones containing patient information should be kept in a secure location and locked with passwords and encrypted.
3. Hacking: Anti-virus software should be updated and active. Practices should change passwords frequently as well.
4. Unencrypted data: Encryption can protect patient data even if it's stolen.
5. Lack of training. All employees who come in contact with patient data should be trained on HIPAA requirements and safeguards.
6. Employees sharing patient health information: Clinicians discussing patient health data with friends or coworkers is a violation of HIPAA.
7. Illegal file access: Employees accessing files they're not authorized to is a common violation of HIPAA. All staff members should be trained on the correct procedures related to patient data.
8. Improper record disposal: Patient records that aren't disposed of properly constitute a HIPAA violation.
9. Unauthorized information release: Only dependents and those with power of attorney are allowed to access the patient health information of family members.
10. Access of home computers: Leaving patient information available on home computer screens can result in the data being viewed by unauthorized family members.
For more information on protecting your practice from HIPAA violations, visit HIPAAcraticRx.