Most of us know HIPAA as the legislation that ensures we manage our data and patient information properly. We make sure our employees are trained properly and regularly to protect our patient’s privacy, and ensure we remain HIPAA compliant. But, there’s actually a lot more to this legislation than just data security.
The Health Insurance Portability and Accountability Act of 1996, known as HIPAA, consists of 5 different titles. The goal of the act was to improve the portability and continuity of health insurance coverage, to improve access to long-term care services and coverage, to reduce waste and fraud in the insurance and healthcare delivery, and other purposes. It’s a comprehensive and wide net that covers many aspects of the healthcare industry, but the one we’re concerned about in this context is the part that refers to protection of patient data.
Keeping private documentation safe and secure has become a growing challenge for many healthcare practices. With the constant flow of private information changing parties, the strain to remain compliant and employ best practices is endless.
According to the data breach index of 2017, there were over 2.6 billion data records compromised throughout that year. That number translates into 82 records being stolen every second, and only 4% of that theft was rendered secure, meaning the data stolen was deemed useless.
27% of those breaches were in the healthcare industry, which represents the largest cohort. The runner-up was the financial industry, with just 12% of the total breaches.
It’s clear from this data that healthcare facilities are a top target when thieves are looking to steal personal information. What steps can your organization take to not only stay safe, but remain HIPAA compliant?
- Use designated shredding and recycling bins, always. Protect the information while simultaneously protecting the planet!
- All printers should be on a secured network. It turns out, plenty of data breaches happen through printers that are on an unsecured network, or a wireless one. Only print what you absolutely have to, and ensure wireless printers are equipped with as much security and passwords as everything else.
- Old hard drives and devices that are no longer in use need to go. While you may not longer be using them, old data and devices sitting around can become a major target for possible threats. Remove everything you need from old devices and hard drives, and dispose of them safely and securely.
- Pay attention to what’s sitting on your desk. This is part of Compliance 101 but it’s something many of us are guilty of. We get complacent, and leave things lying on our desk. Or, we get behind on our work and let things pile up that need to be filed. Sort and file, or dispose of things that don’t need to be kept.
- Ensure everything in the shredder is disposed of securely. Throwing these documents in the regular trash may seem fine, but it can open you up to a potential data breach. Select the right medical waste management partner to ensure your shredded documents remain secure, and are disposed of and recycled safely.
With the right systems and practices in place, you can keep your organization’s data secure and ensure you remain HIPAA compliant!