HIPAA-HITECH laws affect the way you store, send, and protect patient information. Failure to comply with constantly evolving regulations often results in hefty noncompliance fines, upset patients, and compromised confidential information. Here are a few things to know:
- You should have a signed BAA (Business Associate Agreement) with every company that transmits or has access to your data (especially IT partners). These Business Associates need to maintain HIPAA compliance themselves.
- Do you backup your data to external drives? If so, those drives need to be encrypted to protect your practice from penalties if lost or stolen.
- If you email information to a specialist (including x-rays) or if you email information to a patient, It is your responsibility to encrypt that email from end-to-end. Sending a non-encrypted email is like sending a post card through public hands.
We help navigate the evolving compliance landscape to minimize security breaches in practices like yours. Our clients are notified of HIPAA-HITECH changes and how to address them. Contact us to learn more about compliance consulting for your practice.