We all have annual HIPAA training, but it’s good to have a quick refresh for ourselves and our team members on being HIPAA compliant.
Here is a short list of the most common violations, all of which are easily avoidable:
Lost or Stolen Devices
Do you use a laptop or an office cell phone for weekend coverage? Make sure that they are password protected.
Improper Disposal of PHI
It's not okay to throw the printed schedule in the garbage. You should always shred any PHI. This also includes the proper disposal of hard drives and USB drives.
Getting Hacked
Do you have the proper security and ransomware protection installed on your workstations and server?
Non-Compliant Partnerships
Do you have a BAA with all appropriate partners?
Lack of Employee Training/Team Sharing PHI
Employees should not be discussing patients or sharing patient information. This includes patient-identifying information and photos on social media.
Another HIPAA violation we commonly see in offices is an unlocked computer with the schedule left up on the screen in the operatory or business office, where patients can see who is on the schedule and the treatment to be completed. Whenever you step away from your workstation, be sure to lock the screen.