For quite a while now, news that a wave of HIPAA audits are on the horizon has been circulating in the healthcare scene. But this time, these audits are likely to include financial penalties for violations–new in 2015.
So what areas should you be scouring to ensure you’re not accidentally committing any violations? In this post, we’ll take a look at what HIPAA audits could mean for your organization.
Obviously, one of HIPAA’s top priorities is ensuring that patient information is 100 percent secure. So when an audit takes place, certain areas of your organization are going to be thoroughly examined. Be sure that you are following all regulations–even in situations you might not think are hazardous, such as:
- When moving to a new location
- During software updates
- When installing new equipment
- While using cellphones
Even when getting rid of patient information, the disposal process isn’t quite as simple as deleting. When disposing of sensitive information via equipment, be sure information has been completely wiped clean before sending it off to a third party.
Something as simple as a visible computer screen displaying patient information can count as a violation. Make sure all workstations are limited to those with verified access and shutdown after a certain period of inactivity to prevent unauthorized use.
Any time data is transported (via a USB stick, disc, etc.) it must be encrypted. This precaution prevents information from being shared if these portable information devices are lost or stolen.
Do you have procedures established for all of these different areas?
Risk Mitigation Pre-HIPAA Audit
With just a few of the common stumbling points outlined, the next step in preparing for a HIPAA audit is to mitigate risk and to establish proper training courses so that all team members are up to speed on the necessary procedures.
Why? Because in 2012, two-thirds of all security breaches were found within the healthcare industry. And with financial repercussions, this is one area you can manage with simple preventative measures.
The plus side of risk mitigation is that often times it can result in overall improvements to your clinical operations. Risk mitigation creates the stage on which important conversations can begin to take place and other obstacles can be addressed.
In 2015, a HIPAA audit means more for your organization in the past. It can directly impact your financial standing and is a topic the media loves to grab onto. When news of HIPAA violation breaks with your name tied to it, you’ll be suffering far more than the penalty fees.
What does your organization do to prepare for a HIPAA audit?