The Misconceptions of HIPAA
I know what you’re thinking, HIPAA has been around since the 90’s right? So why is it that all of a sudden everyone seems to be talking about compliance issues and things that need to be changed to become compliant? You’re probably saying to yourself “I’ve never had any compliance issues, and it sounds like work that I don’t need to be concerned with right now.”
While we completely understand that train of thought, the reason there has been so much HIPAA talk recently is that The Office of Civil Rights (OCR) as of September 23rd has the ability to audit your company and leave you with a fine as high as $1.5 million per year!
What are the Common Misconceptions?
My Patient Management Software is HIPAA Compliant
I’ve Made an Internal Employee Our HIPAA Administrator
I’ve Actually Hired a Consultant to Ensure We are Compliant
My IT Guy Says We’re Good
One of the things that we hear often from businesses is that their patient management software is HIPAA compliant, and they feel that is where the buck stops. The problem with this misconception is that this only covers a small portion of what the OCR takes into account.
Another thing we hear, is that many businesses have placed an internal employee as their HIPAA administrator, or that they even hired a consultant who gives them the thumbs up. You should know that unless these employees are IT professionals, they are more than likely not capable of giving you that thumbs up. Technical safeguards make up for 1/3 of the HIPAA requirements, not to mention that they bleed into the other two categories as well.
We get it, looking into all of this can be time consuming, however if you do receive an audit, we want to make sure that you have the proper information before it’s too late. One failed audit guarantees a follow up audit in one year, in which they will expect you to have covered everything possible related to HIPAA.
Okay, I’m Listening, What’s the Next Step?
You may be thinking right now
“Wow, I really didn’t realize so much had changed. What can I do to prevent a failed audit?”
These requirements range from the way that you login to your computer all the way down to how you connect to the Internet and much more. We’re on your team, we want to make sure you can implement everything necessary in the most affordable way possible. We recommend that if you have any questions on whether or not you are compliant to give your Fuse rep a call.