Want to know why encryption is so important for your work communications? Ask one health care provider that learned the hard way, noted Jim Sheldon-Dean, director of compliance services with Lewis Creek Systems during a recent Eli-sponsored Audioeducator.com webinar “HIPAA Audits in 2015 — Being Prepared and Avoiding Penalties.”
In an enforcement action recently announ-ced by the HHS Office for Civil Rights, a physician practice in Phoenix was fined $100,000 because its doctors were using plain Gmail and plain Google calendar for their professional communications involving protected health information. The emails and calendars were not encrypted and were easy for others to access, creating a violation.
Takeaway: Ensure that your email systems and calendars are well secured.
Likewise, texting is not secure unless both parties use a secure texting app. If they aren’t using secure technology and are exchanging PHI, they could be in violation of the rules, Sheldon-Dean cautioned. “Plain texting involving PHI is a very insidious problem and is probably the biggest problem that has snuck in the back door because people start using it and they see how easy it is.”