Congress passed the Health Insurance Portability and Accountability Act (HIPAA) into law in 1996. Long after its passing, covered entities such as healthcare providers, plans, and data warehouses are still trying to achieve full compliance. Fines and complaints continue to mount, so why is full HIPAA compliance so elusive even 20 years later? Moreover, how can Unified Communications (UC) help?
Mobility can upset the ideal HIPAA environment. Our mobile devices, including laptops, smartphones, and tablets, can cause breaches through carelessness, such as loss, or through more sinister events, such as theft. Leaving mobile devices that contain protected health information (PHI) lying around unencrypted makes HIPAA violations possible and is the primary cause of breaches.
The use of social media apps in the healthcare environment can be an easy setup for a HIPAA violation without anyone realizing it. Photographs and videos taken in or outside of a hospital that end up on Snapchat, Facebook, or even Pokémon Go, for instance, can expose and identify the PHI of a patient. Take the time to develop a social media policy for compliance.
FAILING TO REVIEW
Covered entities need to vigorously review their HIPAA compliance measures to assess risks. Routine risk analysis is crucial (and a HIPAA compliance mandate) for evaluating new technologies brought into the healthcare setting and identifying any vulnerabilities in network systems and workflows. Regular and automatic security upgrades to network devices are necessary to maintain compliance as well. Verify that the safeguards are in place and demonstrate their ability to reduce risks.
Mandatory training in HIPAA compliance is an ongoing measure entities must undertake. Remember to keep your team up to date on how to maintain compliance during onboarding, and plan regular reviews....