Health Information Compliance Alert
'Willful Neglect' Violations May Eventually Expand to Stolen Laptops or Other Devices Containing Unencrypted PHI
PDF
It could happen, says HIPAA expert. Willful neglect violations can lead to some humongous fines. And one of your practice's biggest vulnerabilities may be portable devices containing unsecured PHI, say experts. "HHS hasn't formally made a determination that a lost or stolen laptop [or other device containing unencrypted PHI posing a significant risk of harm to an individual] represents willful neglect," observes consultant Abner Weintraub in Orlando, FL. "If HHS made such a finding, it would likely be that not encrypting the data would constitute the 'willful neglect.'" That could happen considering that "HIPAA is a reasonableness standard," Weintraub says. "Covered entities are supposed to take reasonable precautions against reasonably anticipated risks." And that includes the potential for what have been widely reported thefts of laptops containing unencrypted PHI, he points out. "Laptop thefts are probably second to cell phone theft." Don't be one of these: "If you look at research and surveys related to data and device thefts, a lot of organizations still don't encrypt health data or mortgage data, etc., that could harm individuals if it fell into the wrong hands," cautions Weintraub.
Health Information Compliance Alert
- Electronic Health Records:
Beware: 'Audit-Proof' EHRs Don't Exist,' Experts Say
The responsibility is on your practice -- and not the software or software vendor --to ensure [...] - Enforcement:
HHS Slams Provider With $1 Million HIPAA Fine for Lost PHI
Warning: HIPAA enforcement is ramping up. The feds don't seem afraid to use their HIPAA [...] - Risk Management:
Target These 2 High-Risk HIPAA Areas
Do you have these protections in place for remote access? Some of the riskiest areas [...] - HIPAA:
'Willful Neglect' Violations May Eventually Expand to Stolen Laptops or Other Devices Containing Unencrypted PHI
It could happen, says HIPAA expert. Willful neglect violations can lead to some humongous fines. [...] - ICD-10:
Start Prepping Now for ICD-10 With 3 Mythbusters
You'll need to implement the new 5010 claim form first to be ready for ICD-10. [...] - Physician Quality Reporting System:
Know These 5 Common Pitfalls When Using PQRS
Once again, provider documentation could be the linchpin in your success. Whether you're new to [...] - Compliance:
Do Your Providers Meet Signature Requirements on Their Charts?
Answers to 2 common questions help ensure you're on track. Including provider signatures is a [...] - INDUSTRY NOTES
Ready for HIPAA 5010 Requirements? Providers already should be in Level I compliance, notes the [...]