A receptionist leaves their computer screen open and unlocked while they refill their coffee in the breakroom. Two nurses discuss a patient’s blood work within earshot of the waiting room. A new surgeon leaves their work laptop in an unattended car while running an errand. Seemingly harmless acts such as these could be putting your business at risk of a serious and damaging HIPAA Security Rule violation.
The Health Insurance Portability and Accountability Act (HIPAA) is a complicated set of statutory and regulatory requirements and a critical topic for many employers. A HIPAA Security Rule violation can be any action by an employee that could compromise the privacy of a patient or client’s personal health information. These violations aren’t always as cut-and-dry as an after-visit-summary being sent to the wrong address. They can often take the shape of a simple misstep, such as a clipboard left unattended, or a filing cabinet remaining unlocked after hours. And these violations can lead to highly disruptive and expensive investigations, fines, and litigation expenses.
This helpful checklist outlines a few of the HIPAA violations that our experts at Emtrain have most frequently seen. It also provides tips to avoid such violations and keep your organization in the clear when it comes to HIPAA compliance. Avoid a costly and damaging lawsuit and download this checklist. Post it in your workplace for all employees to see, or send it to your whole team! And don’t forget to check out Emtrain’s HIPAA Online Training Course.
About the Checklist Author
Marcia Augsburger is Emtrain’s HIPAA expert and one of the authors of our HIPAA training course. She has over 28 years of experience representing healthcare-related entities, from hospitals to social media, in connection with HIPAA and state law privacy matters, including risk assessments, incidents, breaches, and general compliance concerns. Her healthcare clients regularly call on her for operations advice, contracting, risk assessment and management, investigations, and compliance programming.