Practice Management Alert

Reader Question:

Focus on These Three Areas to Prevent HIPAA Breaches

Question: What are the basics I can do to prevent HIPAA breaches in my practice?

South Carolina Subscriber

Answer: The No. 1 thing you can do to prevent Health Insurance Portability and Accountability Act (HIPAA) breaches is to encrypt your data. But other important aspects of data protection include securing your physical devices and knowing how and where your health information technology (HIT) is stored, secured, and accessed, and by whom.

Encryption: Facilities and practices that don't encrypt their electronic protected health information (ePHI) are providing easy access to data thieves, and easy avenues for breaches. When evaluating the security of your patients' data, work out a plan to protect data if devices go missing; make sure everyone in your practice is using multifactor authentication and at-rest protection on all of your devices; and make sure that your data is encrypted and decrypted properly, through means that satisfy HIPAA Security Rule standards.

Physical safeguards: Make sure your practice has an inventory of all devices used to store or access ePHI and that the list is always up to date. Beyond knowing and tracking the devices, your facility should be protected with security, such as cameras and an alarm system, to minimize the risk of physical intrusion.

Top tip: Make sure you also keep an up-to-date list of which employees, IT consultants, vendors, etc. can access any patient data.

HIT movement: Along with encryption and awareness of the location and security of your physical devices, make sure you know how and where your data is moving, including which physical devices carry it. Follow these helpful steps toward information safety and compliance: designate one person as being in charge of evaluating your practice's risk management and HIPAA compliance; make sure your security protocols are in line with your practice's needs; and make sure everyone on your staff knows who to turn to for compliance and health IT information.

"As devices get smaller and more portable, the potential for lost or stolen or misplaced data increases, and so does the risk for a breach," warns Peter Arbuthnot, regulatory analyst with American HealthTech in Jacksonville, Mississippi. "That's why it's essential to clearly state who's in charge of the maintenance, care, and updates of practice technology."

Resource: For a closer look at the HIPAA Security Rule, visit www.hhs.gov/hipaa/for-professionals/security/laws-regulations/index.html.