How Cyber Security Affects Your Practice’s HIPAA Compliance
National Cyber Security Awareness Month
By Chris Moore
As Vertilocity takes part in National Cyber Security Awareness Month, a few members of our team will be bringing you blog posts on topics that revolve around cyber security.
My name is Chris and I am new to Vertilocity on the sales side. HIPAA compliancy is something I interact with the most when dealing with prospective clients. In my brief time with Vertilocity, I have seen that some practices do not take HIPAA compliancy as seriously as they should. Most think they are compliant, but they really aren’t, or they haven’t updated their policies, documentation and training in years, which would get them fined if they were ever audited by the OCR (Office of Civil Rights). These audits aren’t going away. It’s not if you get audited, but when. We are in round two of these audits that were initiated under President Obama’s administration and have been continued under President Trump’s administration.
Your practice’s HIPAA compliancy ties into cyber security.
If you don’t have the proper security or business continuity in place to protect your business, the consequences could be two-fold. One, your business may not be able to bounce back from a devastating cyber-attack, and two, you’re going to have to report that breach to the government, which is going to result in the OCR auditing your business and the business associates that you work with. The fines vary and they aren’t cheap. Here is a list of the fines, the reason for the fine and the amount. The Department of Health and Human Services’ Wall of Shame is a record of business practices that have reported data breaches or IT incidents affecting over 500 individuals to the OCR over the last 24 months. The fallout is that your patients now have to worry that their information is not secured or protected by your practice.
If you have any questions or concerns regarding HIPAA compliance, don’t hesitate to reach out to me.