The real reason why physicians must comply with HIPAA. What the government does not tell you? © CureMD Healthcare

HIPAA There is widespread resentment among healthcare providers on the Health Insurance Portability and Accountability Act (HIPAA) Many physicians, that I have come across, find the law redundant and somewhat insulting Confidentiality and patient privacy, they say, has always been inherent in any doctor-patient interaction and is a fundamental pillar of practicing medicine

HIPAA The government doesn’t want to manage your relationship with your patient It only wants to ensure that valuable patient health information (PHI),especially financials, don’t fall into the hands of organized criminal elements who threaten to jeopardize the financial system I’m sure you’ve heard about credit card scams, stolen social security numbers and the devastating effects such events can have on the actual owners

HIPAA Imagine some hacker breaking into your Amazon account, and using the details to max out your credit card. You’d expect Amazon to protect that data, wouldn’t you? It is not much different with your patient’s insurance information, social security and credit card numbers in your possession The patient expects them to be kept with the utmost care

HIPAA This PHI is of great value to thieves, and the negligence of practices could result in losses worth millions of dollars; losses that the government is committed to avoid The law is there, as are the fines and penalties for noncompliance Opposing the law will get you nowhere, and with the HIPAA audit fast approaching, the judicious approach would be to endorse it

What if I don’t comply? The government is starting phase 2 of HIPAA audits from October 2014 and a reply will be sought within two weeks of the official notification Moreover, the audits will be random, so anyone’s turn can come first An amount of $100 for not knowingly violating HIPAA, $50,000 for a violation of willful neglect, an annual maximum penalty of $1.5 million for falling short on HIPAA compliance, and returning government incentive money earned through meaningful use are only some of the penalties and fines your practice could face

How should I comply with HIPAA? Now that you’re better equipped with the reasoning behind the law’s implementation i.e. the government needs your support in keeping this information safe, the question is how should you go about it? Firstly, you need to adopt safe mediums for storing and transmitting such information. Certified EHRs allow you to exchange encrypted information with relevant stakeholders Thus, it is worthwhile to invest in this technology as it is much safer than simply storing information in your computers or file cabinets

How should I comply with HIPAA? If you decide to buy an EHR don’t cut cost by buying free or low cost EHR systems whose business model revolves around sharing patient data for grants and bursaries By investing a little more you can get a much better product and an iron clad agreement that you are the sole owner of your data and that its safety will be legally binding on your Electronic Health Records (EHR) vendorElectronic Health Records (EHR)

How should I comply with HIPAA? Secondly, the government requires you to have a dedicated HIPAA officer at your practice You also have the more cost effective and efficient option of hiring a trained HIPAA consultant to meet this requirement If you plan on outsourcing HIPAA compliance to a consultant, organizations such as CureMD provide highly cost effective and extremely efficient solutions They have HIPAA compliance programs that handle everything from online vulnerability assessments and risk analysis to administrative, physical and technical safeguards for your practice

Read more on blog.curemd.comblog.curemd.com To read more on this topic, visit: physicians-must-comply-with-hipaa-what-the- government-does-not-tell-you/ physicians-must-comply-with-hipaa-what-the- government-does-not-tell-you/

CureMD Healthcare 55 Broad Street, New York, NY Ph: Thank you!