I recently wrote an article offering a tip that helps people find out if their healthcare providers are adequately protecting their medical records. Protecting patient data is required by the law known as HIPAA. Unfortunately, many medical practices are not doing enough to protect their patients’ data. This is understandable as it is not easy, especially for small medical offices, to even understand all the many and varied aspects of HIPAA, let alone ensure compliance. However, criminals are becoming wise to the fact that small medical providers are an easy target for data breaches and even a small doctor’s office can provide a big payday for information criminals. So what is a medical practice to do?
As a technology consultant, I get a lot of questions regarding HIPAA compliance from my clients. While I can offer advice on specific technology implementations that can help a provider become compliant, there is a lot more to HIPAA than just technology. There are many polices and procedures that must be developed and enforced in order for a medical provider to adequately protect their patients’ data and comply with HIPAA. Fortunately for me, I was lucky enough to meet Jim Moore, a certified HIPAA professional with over 30 years of experience in healthcare practice consulting. I am partnering with Mr. Moore and his company, Compliance by the Quarter, to help my medical practice clients get and stay in compliance with HIPAA and adequately protect the medical records of their patients.
One piece of advice shared by Mr. Moore is that HIPAA requires every medical practice to retain a “privacy officer.” A privacy officer is in charge of creating and enforcing patient privacy protection policies and practices. However, while this privacy officer could be anyone on staff, including the doctor or medical provider, this position can actually be outsourced. Most doctors and their staffs are already overburdened enough as it is. By outsourcing their HIPAA privacy officer to a company like Compliance by the Quarter, medical practices can greatly simplify the work required to adequately protect their patients’ medical information and comply with HIPAA.
Many healthcare professionals are not aware that a single violation of HIPAA can cause them to be fined as much as $50,000. Hiring a HIPAA professional like Jim Moore and outsourcing the role of HIPAA privacy officer can ensure you are protecting your patients’ medical information and significantly reduce the risk of such devastating fines. If you are a healthcare provider and would like to ensure that you are compliant with HIPAA, both from a technology and procedural standpoint, please contact me here, or feel free to contact Mr. Jim Moore at his company’s web site.