In some places summer went out with a bang, but cyber-criminals are waiting to blow up your weakest link. Understanding the vulnerability of personal health information (PHI) is not enough. Neither is having fierce security protocols if they are not supported and executed by everyone in your organization.
This year there have been 221 breaches involving PHI, and we still have the busy fourth quarter and the holiday season to face. Colds, flu, ladder falls, EOY checkups… the number of patients seen will rise; how will you protect your organization and keep the 221 from growing exponentially?
An article at Attorney at Work reminds us how vulnerable organizations really are without even knowing it. Your immediate staff may be diligent in protecting PHI, but what about all covered entities? What about your business associates? Are your agreements updated and compliant? Innocent mistakes happen, but they do not negate your responsibilities or eliminate the associated fines and penalties.
There are three steps to ensure HIPAA compliance:
- Conduct a risk assessment that addresses physical, technical and administrative safeguards.
- Implement compliance training for all staff.
- Create the necessary documentation such as policies and procedures.
Turning a blind eye is hazardous. You might just quickly text a co-worker about a patient; just one time won’t hurt, right? Breach. Maybe you know a patient personally and send them a text. Breach. Your archaic fax machine finally blew up, so you toss it in a dumpster. Breach. Want to trade up your copier to the flashiest model? Do you know what you have to do to avoid a breach? Probably not.
Breach. Breach. Breach. The frequency seems to be intensifying, which clearly is a reflection on our lax security and compliance protocols. PHI is fast becoming the number one target for cyber-criminals. How are you going to choose to fight them?
BridgeFront is now Litmos Healthcare, but Litmos Healthcare’s Compliance and Regulatory Staff Education is all you need to teach staff members, regardless of their role, how to keep your organization compliant and patient data secure. Our online education is affordable, customizable and available 24/7 on any Internet-connected device, with up-to-date content. All courses are legally reviewed and continuously updated to meet or exceed regulation requirements.
Take that first step towards compliance by calling us at 1.866.447.2211. Or will you be 222? A number that should really only be inspired by television shows and major league baseball players.