The government is gearing up for a new round of HIPAA privacy and security audits and all small medical practices need to be prepared.
The issue is that most are not.
In the first round (Phase 1) of audits, the US Department of Health and Human Services’ Office of Civil Rights (OCR), the entity responsible for enforcing patient privacy rules, found that many healthcare practices have difficulty selecting and implementing the proper security technology to protect patient data.
Recent research from SecurityMetrics, a data security company, states that securing digital patient information continues to be a low priority for small healthcare practices. A poll of 150 healthcare professionals responsible for HIPAA compliance at organizations with fewer than 500 employees found that:
- 51% don’t test employees on HIPAA-related training
- 50% of respondents don’t know if their organizations use multi-factor authentication
- 41% don’t know how often their firewall rules are reviewed
- 27% don’t encrypt emails containing patient data
- 26% don’t use mobile encryption
There are numerous reasons why small practices have difficulty making sure their systems are HIPAA compliant. One is getting accurate information from companies offering IT and technology solutions. Many just assume that a vendor saying “we are HIPAA compliant” is telling the truth, without asking for actual proof, a proper BAA, or a second opinion. Owners of small practices commonly make the mistake of believing that vendors are taking care of HIPAA security issues when this is not actually the case.
We urge you to take the reins on HIPAA compliance. Work with vendors who have a “HIPAA first” attitude and build systems specifically with compliance in mind. Our phone system was built exclusively for healthcare practices and guarantees compliance. We offer a signed BAA upon starting your service so you don’t have to worry about security when it comes to communicating with your patients. Our goal is to help you update legacy phone systems and modernize your practice, all while staying 100% HIPAA compliant.
At RingRx we know small practices are going through a change in which they need to redesign their operations around managing larger quantities of data and keeping up with modern communication systems. We are here to help you improve efficiency and do our part in keeping your practice HIPAA compliant.