What is HIPAA?
HIPAA (the Health Insurance Portability and Accountability Act) refers to a series of federal laws and implementation regulations enacted beginning in 1996 to protect the privacy and security of patient information – i.e. medical records.
Patient information extends beyond purely clinical information and also includes demographic and financial information related to a patient. Although the right of a patient to have their medical records kept private and secure was firmly established over 15 years ago, the breach or improper disclosure of this information occurs on an almost daily basis. The consequences of an improper medical data disclosure can be very severe for both the affected individual and the organization responsible for causing it. A patient can be subject to identity theft, tax return fraud, medical care procured in their name, and damage to their credit rating – and they can’t cancel their medical record like they can a stolen credit card, so the problem persists. The entity which causes the breach will be subject to considerable expense to report it and repair the damage, reputational damage as well as government fines, all of which may threaten their continued existence as a business. Knowing all of this, why would an organization not want to make every reasonable effort to keep valuable information private and secure? The good news is, doing this need not be as difficult, time consuming and expensive as many think. We will tell you how to become properly HIPAA compliant in future communications.
If you have questions about HIPAA or would like a complimentary HIPAA Compliance Review for your organization, please contact us firstname.lastname@example.org.