February 11, 2015

The Importance of Protecting Your Patients’ PHI

Newest HIPAA Settlement Underscores Consequences of Failing to Identify and Address Basic Risks to Protected Health Information (PHI)

Protecting your patients’ personal health information continues to take precedence for those in the medical field. The U.S. Department of Health and Human Services Office of Civil Rights has posted a bulletin regarding an enforcement action from OCR that resulted in a $150,000 fine and a 2-year Corrective Action Plan. This was a result from an organization that was not performing basic security functions such as having up to date security policies implemented and followed along with the use of software that had not been updated and was unsupported which allowed for security vulnerabilities. PHI_Risk

This newest HIPAA settlement illustrates three points:

1) Relatively simple, basic processes and procedures can be implemented and followed to be HIPAA compliant, 2) Large fines can result from deficiencies in a facility’s HIPAA Compliance program, and 3) Enforcement is not merely about breaches, but rather the wider range of ongoing security and privacy compliance. Click here to read Case Examples and enforcement highlights from OCR investigations.   GET free HIPAA white paper

Receive Stericycle’s latest content, including news and regulations on how you can maintain business compliance.

Thank You! We have received your request and a representative will contact you shortly to discuss your business needs.

Submission Error - Please Refresh and Try Again