HIPAA Is No Joke. Protect Your Practice

Posted on August 31, 2018

Here’s a scary thought: a HIPAA violation can cost up to $50,000 per record. That’s thousands of dollars out of your pocket and into the hands of someone else. That’s enough to close the doors on some practices for good. So, when it comes to HIPAA, you don’t just have to take it seriously; you have to make sure everyone on your staff is taking it seriously, too. After all, one mistake could be very costly.

Here are three easy things your team can implement today to help protect PHI.

IF YOU LOG ON, REMEMBER TO LOG OUT

Every time an employee logs on to a computer or workstation, they MUST log out the minute they leave the area for any reason – even if it’s just to run to the water cooler or the bathroom. Sensitive information is on your computers; protect it by making it a mandatory rule that everyone logs off whenever they leave their desk.

RESET YOUR P@55W0RD5! EVERY 90 DAYS

That’s right. Every 90 days your employees should be changing their passwords. Their passwords also shouldn’t be hidden under their keyboards, written on a post-it note, on their hands, or anywhere else for that matter. Passwords are sacred, and every employee should have their own. In addition, it’s important to make the passwords a mixture of uppercase and lowercase letters, numbers, and special characters like an exclamation point or question mark. If your system won’t allow special characters, create a password that’s unique with numbers and letters.

PASSWORD TIP: The number “5” can substitute for the letter “S”. The number “3” can substitute for the letter “E” and the number “8” can substitute for the letter “B”.

FACE IT, FAXES SHOULD BE FACE DOWN.

When confidential information is faxed to your office, it’s important to make sure that the faxes are placed face down when received and also distributed to recipients face down. By doing this, you’re ensuring the sensitive information remains private.

Don’t let your practice get caught being non-HIPAA compliant. Make sure your team receives regular HIPAA training.
