Most, if not all, physicians and medical personnel understand that the Health Insurance Portability and Accountability Act (HIPAA) is a federal law designed to provide privacy standards to protect patients’ medical records and other health information. However, many fail to recognize that they might not be in compliance with federal privacy laws enacted since HIPAA, which updated regulations and created new standards. With an increasing number of audits conducted for HIPAA compliance resulting in larger penalty amounts, failure to comply with federal privacy laws is not something you can afford.
Since most HIPAA violations are due to human error, one of the most important things you can do is conduct annual staff training. Every physician office and healthcare organization must be vigilant and ensure that all staff members understand the importance of patient privacy and the seriousness and potential penalties of even one violation. This training should demonstrate awareness of, and a commitment to, compliance with HIPAA regulations. Also, do not forget to train your new employees!
If you are a CAPAssurance member covered by our Cyber Risk coverage, you and your staff can take advantage of HIPAA training videos through NAS CyberNET®. Click here to download instructions on how to access these videos.