{"id":2297,"date":"2017-01-16T08:00:36","date_gmt":"2017-01-16T08:00:36","guid":{"rendered":"https:\/\/tsisupport.com\/?p=2297"},"modified":"2021-07-19T00:56:48","modified_gmt":"2021-07-19T04:56:48","slug":"guard-hipaa-privacy-breach-fines-violations","status":"publish","type":"post","link":"https:\/\/tsisupport.com\/tsistaging\/?p=2297","title":{"rendered":"Prevent a HIPAA Breach: How to Prevent Data Breaches"},"content":{"rendered":"<p style=\"text-align: justify;\">In 2016, the Health Insurance Portability &amp; Accountability Act (HIPAA) collected over <a href=\"https:\/\/www.hhs.gov\/hipaa\/for-professionals\/compliance-enforcement\/agreements\/index.html\" target=\"_blank\" rel=\"noopener noreferrer\">23 Million in Civil Money Penalties<\/a> (CMPs) related to businesses violating patient data privacy provisions.\u00a0 Over half of the cases involved organizations that failed to even have a proper risk assessment conducted.<\/p>\n<p style=\"text-align: justify;\">The cost for violating <a href=\"https:\/\/tsisupport.com\/tsistaging\/new-hipaa-guidelines-on-ransomware-disclosures\/\" target=\"_blank\" rel=\"noopener noreferrer\">HIPAA privacy protections continues to grow<\/a>, which is why we decided to provide a list of the most common violations, as well as how to avoid them.<\/p>\n<p style=\"text-align: justify;\"><span style=\"color: #800000;\"><strong>Data Breaches<\/strong><\/span><\/p>\n<p style=\"text-align: justify;\">The Office for Civil Rights (OCR) maintains a \u201cWall of Shame\u201d <a href=\"https:\/\/ocrportal.hhs.gov\/ocr\/breach\/breach_report.jsf\" target=\"_blank\" rel=\"noopener noreferrer\">database of breaches<\/a> that affected 500 or more individuals.\u00a0 Of the 325 cases reported in 2016, nearly <span style=\"color: #800000;\"><strong>34% were a direct result of hacking<\/strong> <strong>or an IT-related incident<\/strong><\/span>.\u00a0 These are not always sophisticated attacks, mind you; some were the result of a weak password, or 
exploiting a known vulnerability in the anti-malware\/anti-virus software.<\/p>\n<p style=\"text-align: justify;\">A few easy methods to ensure your network is less vulnerable to hacking include developing a strong password policy, and enforcing it.\u00a0 Other solutions include installing a proper Firewall protection solution for your company, and ensuring it has the latest security patches for optimal defense.\u00a0 We also highly recommend installing a solid Anti-Virus and Anti-Malware software with automatic updates turned on.\u00a0 It is important to prevent users from disabling the tools on their local company-owned machines as well.<\/p>\n<p style=\"text-align: justify;\"><span style=\"color: #800000;\"><strong>Lost or Stolen Devices<\/strong><\/span><\/p>\n<p style=\"text-align: justify;\"><a href=\"https:\/\/tsisupport.com\/tsistaging\/mobile-new-normal\/\" target=\"_blank\" rel=\"noopener noreferrer\">Bring Your Own Device<\/a> is here to stay; unfortunately, it only compounds the complexity of protecting your patient health data.\u00a0 The best solution for allowing your employees the freedom of mobile access while remaining compliant is as simple as having the information encrypted before, during, and after transmission.<\/p>\n<p style=\"text-align: justify;\">While encryption is not a direct requirement under HIPAA, there are cases where the OCR deemed an organization's protection of data insufficient, such as the compliance review against Concentra Health Services.\u00a0 The OCR determined Concentra did not utilize basic encryption defenses to protect patient health data from being stolen from lost devices, <a href=\"https:\/\/www.hhs.gov\/about\/news\/2014\/04\/22\/stolen-laptops-lead-to-important-hipaa-settlements.html\" target=\"_blank\" rel=\"noopener noreferrer\">resulting in a $1.7 Million Dollar fine<\/a>.<\/p>\n<p style=\"text-align: justify;\">Moral of the story?\u00a0 There is hardly a reason why any data should not be encrypted in 
the day and age of daily intrusion attempts.<\/p>\n<p style=\"text-align: justify;\"><span style=\"color: #800000;\"><strong>Proper Disposal of Information<\/strong><\/span><\/p>\n<p style=\"text-align: justify;\">Regardless of the format, be it digital or physical paper, health information must be properly shredded and destroyed to protect the privacy of the parties.\u00a0 This includes machines and devices being disposed of, or decommissioned.<\/p>\n<p style=\"text-align: justify;\">For example, did you know photocopiers can contain an internal hard drive capable of storing information locally on the machine?\u00a0 For businesses that routinely lease equipment and\/or have their printer periodically replaced, the hard drive must always be wiped so that patient information cannot be recovered.\u00a0 Affinity Health Plan learned this lesson after returning its photocopiers to leasing agents, unknowingly compromising all the records they printed over the years.\u00a0 It was a <a href=\"http:\/\/www.healthcareitnews.com\/news\/12m-photocopy-breach-proves-costly\" target=\"_blank\" rel=\"noopener noreferrer\">$1.2 Million Dollar oversight<\/a> that could have easily been avoided.<\/p>\n<p style=\"text-align: justify;\"><span style=\"color: #800000;\"><strong>Subcontractors &amp; Third-Party Disclosures<\/strong><\/span><\/p>\n<p style=\"text-align: justify;\">According to the <a href=\"https:\/\/www.hhs.gov\/hipaa\/for-professionals\/special-topics\/research\/index.html\" target=\"_blank\" rel=\"noopener noreferrer\">Common Agency Provision<\/a> within the HIPAA Omnibus Ruling, you are responsible for protecting patient health information while the data is stored in your premises or network, as well as any information shared with your third-party associates.\u00a0 With this shared liability, it is best to review the HIPAA compliance policies of any subcontractor prior to disclosing sensitive information or having them sign an agreement that leaves you liable for their 
potential negligence.<\/p>\n<p style=\"text-align: justify;\"><span style=\"color: #800000;\"><strong>Training &amp; Education<\/strong><\/span><\/p>\n<p style=\"text-align: justify;\">Proper training and staff education rounds out the top of our list, and for good reason.\u00a0 Employees are largely unfamiliar with the best practices and regulations surrounding HIPAA.\u00a0 It is a huge problem that puts many small businesses and practices at risk for hefty fines.\u00a0 Training for <span style=\"color: #800000;\"><strong>all staff who handle patient information<\/strong><\/span> should be a basic component of every orientation, along with an ongoing education plan so that staff are aware of the latest changes to the law.<\/p>\n<p style=\"text-align: justify;\">The risk for even unknown violations reaches up to <a href=\"https:\/\/www.ama-assn.org\/practice-management\/hipaa-violations-enforcement\" target=\"_blank\" rel=\"noopener noreferrer\">$50,000 per violation (each record compromised) up to $1.5 Million<\/a> annually.\u00a0 This is enough to bankrupt many small or medium-sized businesses.\u00a0 Extending training to contractors and all employees is part of maintaining HIPAA compliance, and is just a great practice to ensure the best level of protection from willful violations.<\/p>\n<p style=\"text-align: justify;\"><strong><span style=\"color: #800000;\">Learn More<\/span> <\/strong><\/p>\n<p style=\"text-align: justify;\">To learn more from our internal HIPAA experts, including establishing a proper risk assessment, <a href=\"https:\/\/tsisupport.com\/tsistaging\/contact\/\">Contact Us<\/a> today!<\/p>\n","protected":false},"excerpt":{"rendered":"<p>In 2016, the Health Insurance Portability &amp; Accountability Act (HIPAA) collected over 23 Million in Civil Money Penalties (CMPs) related to businesses violating patient data privacy provisions.\u00a0 Over half of the cases involved organizations that failed to even have a proper risk assessment conducted. The cost for violating HIPAA privacy protections continues to grow, which&hellip;<\/p>\n","protected":false},"author":2,"featured_media":8515,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","_links_to":"","_links_to_target":""},"categories":[7],"tags":[239,319,173,258,320,321,169,322],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Prevent a HIPAA Breach | How to Prevent Data Breaches | TSI<\/title>\n<meta name=\"description\" content=\"Learn the most common types of HIPAA breach and how you can prevent them. It&#039;s more important than ever to learn how to prevent data breaches\" \/>\n<meta name=\"robots\" content=\"noindex, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Prevent a HIPAA Breach | How to Prevent Data Breaches | TSI\" \/>\n<meta property=\"og:description\" content=\"Learn the most common types of HIPAA breach and how you can prevent them. 
It&#039;s more important than ever to learn how to prevent data breaches\" \/>\n<meta property=\"og:url\" content=\"https:\/\/tsisupport.com\/tsistaging\/?p=2297\" \/>\n<meta property=\"og:site_name\" content=\"TSI Support\" \/>\n<meta property=\"article:published_time\" content=\"2017-01-16T08:00:36+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-07-19T04:56:48+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/tsisupport.com\/tsistaging\/wp-content\/uploads\/2017\/01\/HIPAA-Website-1140x380-1.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1024\" \/>\n\t<meta property=\"og:image:height\" content=\"341\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Roger Murray\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Roger Murray\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. 
reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/tsisupport.com\/tsistaging\/?p=2297\",\"url\":\"https:\/\/tsisupport.com\/tsistaging\/?p=2297\",\"name\":\"Prevent a HIPAA Breach | How to Prevent Data Breaches | TSI\",\"isPartOf\":{\"@id\":\"https:\/\/tsisupport.com\/tsistaging\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/tsisupport.com\/tsistaging\/?p=2297#primaryimage\"},\"image\":{\"@id\":\"https:\/\/tsisupport.com\/tsistaging\/?p=2297#primaryimage\"},\"thumbnailUrl\":\"https:\/\/tsisupport.com\/tsistaging\/wp-content\/uploads\/2017\/01\/HIPAA-Website-1140x380-1.png\",\"datePublished\":\"2017-01-16T08:00:36+00:00\",\"dateModified\":\"2021-07-19T04:56:48+00:00\",\"author\":{\"@id\":\"https:\/\/tsisupport.com\/tsistaging\/#\/schema\/person\/5eed34ada00b62f24100bd841a4f62e9\"},\"description\":\"Learn the most common types of HIPAA breach and how you can prevent them. 
It's more important than ever to learn how to prevent data breaches\",\"breadcrumb\":{\"@id\":\"https:\/\/tsisupport.com\/tsistaging\/?p=2297#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/tsisupport.com\/tsistaging\/?p=2297\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/tsisupport.com\/tsistaging\/?p=2297#primaryimage\",\"url\":\"https:\/\/tsisupport.com\/tsistaging\/wp-content\/uploads\/2017\/01\/HIPAA-Website-1140x380-1.png\",\"contentUrl\":\"https:\/\/tsisupport.com\/tsistaging\/wp-content\/uploads\/2017\/01\/HIPAA-Website-1140x380-1.png\",\"width\":1024,\"height\":341},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/tsisupport.com\/tsistaging\/?p=2297#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/tsisupport.com\/tsistaging\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Prevent a HIPAA Breach: How to Prevent Data Breaches\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/tsisupport.com\/tsistaging\/#website\",\"url\":\"https:\/\/tsisupport.com\/tsistaging\/\",\"name\":\"TSI Support\",\"description\":\"TSI - Technical Support International\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/tsisupport.com\/tsistaging\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/tsisupport.com\/tsistaging\/#\/schema\/person\/5eed34ada00b62f24100bd841a4f62e9\",\"name\":\"Roger 
Murray\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/tsisupport.com\/tsistaging\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/02eb44ce8ff599f733f8d322316f904d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/02eb44ce8ff599f733f8d322316f904d?s=96&d=mm&r=g\",\"caption\":\"Roger Murray\"},\"url\":\"https:\/\/tsisupport.com\/tsistaging\/?author=2\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Prevent a HIPAA Breach | How to Prevent Data Breaches | TSI","description":"Learn the most common types of HIPAA breach and how you can prevent them. It's more important than ever to learn how to prevent data breaches","robots":{"index":"noindex","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"og_locale":"en_US","og_type":"article","og_title":"Prevent a HIPAA Breach | How to Prevent Data Breaches | TSI","og_description":"Learn the most common types of HIPAA breach and how you can prevent them. It's more important than ever to learn how to prevent data breaches","og_url":"https:\/\/tsisupport.com\/tsistaging\/?p=2297","og_site_name":"TSI Support","article_published_time":"2017-01-16T08:00:36+00:00","article_modified_time":"2021-07-19T04:56:48+00:00","og_image":[{"width":1024,"height":341,"url":"https:\/\/tsisupport.com\/tsistaging\/wp-content\/uploads\/2017\/01\/HIPAA-Website-1140x380-1.png","type":"image\/png"}],"author":"Roger Murray","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Roger Murray","Est. 
reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/tsisupport.com\/tsistaging\/?p=2297","url":"https:\/\/tsisupport.com\/tsistaging\/?p=2297","name":"Prevent a HIPAA Breach | How to Prevent Data Breaches | TSI","isPartOf":{"@id":"https:\/\/tsisupport.com\/tsistaging\/#website"},"primaryImageOfPage":{"@id":"https:\/\/tsisupport.com\/tsistaging\/?p=2297#primaryimage"},"image":{"@id":"https:\/\/tsisupport.com\/tsistaging\/?p=2297#primaryimage"},"thumbnailUrl":"https:\/\/tsisupport.com\/tsistaging\/wp-content\/uploads\/2017\/01\/HIPAA-Website-1140x380-1.png","datePublished":"2017-01-16T08:00:36+00:00","dateModified":"2021-07-19T04:56:48+00:00","author":{"@id":"https:\/\/tsisupport.com\/tsistaging\/#\/schema\/person\/5eed34ada00b62f24100bd841a4f62e9"},"description":"Learn the most common types of HIPAA breach and how you can prevent them. It's more important than ever to learn how to prevent data breaches","breadcrumb":{"@id":"https:\/\/tsisupport.com\/tsistaging\/?p=2297#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/tsisupport.com\/tsistaging\/?p=2297"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/tsisupport.com\/tsistaging\/?p=2297#primaryimage","url":"https:\/\/tsisupport.com\/tsistaging\/wp-content\/uploads\/2017\/01\/HIPAA-Website-1140x380-1.png","contentUrl":"https:\/\/tsisupport.com\/tsistaging\/wp-content\/uploads\/2017\/01\/HIPAA-Website-1140x380-1.png","width":1024,"height":341},{"@type":"BreadcrumbList","@id":"https:\/\/tsisupport.com\/tsistaging\/?p=2297#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/tsisupport.com\/tsistaging\/"},{"@type":"ListItem","position":2,"name":"Prevent a HIPAA Breach: How to Prevent Data Breaches"}]},{"@type":"WebSite","@id":"https:\/\/tsisupport.com\/tsistaging\/#website","url":"https:\/\/tsisupport.com\/tsistaging\/","name":"TSI 
Support","description":"TSI - Technical Support International","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/tsisupport.com\/tsistaging\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/tsisupport.com\/tsistaging\/#\/schema\/person\/5eed34ada00b62f24100bd841a4f62e9","name":"Roger Murray","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/tsisupport.com\/tsistaging\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/02eb44ce8ff599f733f8d322316f904d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/02eb44ce8ff599f733f8d322316f904d?s=96&d=mm&r=g","caption":"Roger Murray"},"url":"https:\/\/tsisupport.com\/tsistaging\/?author=2"}]}},"_links":{"self":[{"href":"https:\/\/tsisupport.com\/tsistaging\/index.php?rest_route=\/wp\/v2\/posts\/2297"}],"collection":[{"href":"https:\/\/tsisupport.com\/tsistaging\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/tsisupport.com\/tsistaging\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/tsisupport.com\/tsistaging\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/tsisupport.com\/tsistaging\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2297"}],"version-history":[{"count":0,"href":"https:\/\/tsisupport.com\/tsistaging\/index.php?rest_route=\/wp\/v2\/posts\/2297\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/tsisupport.com\/tsistaging\/index.php?rest_route=\/wp\/v2\/media\/8515"}],"wp:attachment":[{"href":"https:\/\/tsisupport.com\/tsistaging\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2297"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/tsisupport.com\/tsistaging\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2297"},{"taxon
omy":"post_tag","embeddable":true,"href":"https:\/\/tsisupport.com\/tsistaging\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2297"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}