Midlands Medical Community Braces For Next Round of HIPAA Compliance Challenges

November 1, 2014

IntelliSystems CEO Kevin Wade Issues an Alert about Possible Legal Repercussions related to HIPAA Standards Noncompliance Issues as Microsoft Discontinues Tech Support for Windows Server 2003

 

COLUMBIA, SC – With Microsoft soon discontinuing technical support for Windows Server 2003, Kevin Wade, CEO of IntelliSystems, today warned local medical practitioners that “going to sleep on” and “becoming careless about” about HIPAA compliance procedures may well lead to both civil and criminal prosecution by government watchdogs. “We hear rumblings and rumors fairly frequently about how government entities are stepping up their investigative surveillance, trying to sniff out HIPAA violations,” reports Mr. Wade. “So we’re urging everyone in the medical profession to make sure they are in compliance with HIPAA rules and regulations as they apply to information technology.”

Wade and IntelliSystems senior technical engineer Peter Rittwage are both Certified HIPAA Security Professionals (CHSP), which has been reviewed and authorized by the 4Medapproved professional medical and technical advisory boards. “We pride ourselves in holding our company to the highest standards in our industry. Our 4Medapproved Certified HIPAA Security Proficiency designation is just another example,” adds Kevin Wade. “We look forward to continuing and expanding our work with healthcare providers as they grow their digital operations in a secure and manageable way.”

Peter Rittwage also recently received his Certified Information Systems Security Professional (CISSP). CISSP the most globally-recognized certification in the information security market and is required by the world’s most security-conscious organizations. This certification is the “gold standard” credential that assures you possess the knowledge and experience to effectively develop and manage the overall security posture of an organization to ensure swift and successful response to a security breach. CISSPs also lead the investigation to identify what happened and who might be responsible and manage the remediation efforts and establish the guidelines and policies needed to prevent similar breaches in the future.

More about HIPAA

The Health Insurance Portability and Accountability Act (HIPAA) was enacted by the US government with a goal to protect the confidentiality, availability, and integrity of patient health information. Any organization that accesses, stores, maintains, or transmits patient-identifiable information is affected by the strict federal standards by
HIPAA legislation either directly or indirectly, and must be trained based on their job role. In order to better serve the healthcare industry, IntelliSystems has been proactive in addressing the HIPAA compliance and HITECH Act which was formed in response to health technology development and increased use, storage, and transmittal of electronic health information whether it be by email, internet, or over a private network.

Protect Your Patient’s Privacy while Protecting Your Practice (Medical Professional HIPAA Tips from MedicalOffice.com)
Although The Health Insurance Portability and Accountability Act (HIPAA) has been around since 1996, it’s only become a more familiar term in the healthcare industry since the implementation of the Privacy Rule in 2001. The Privacy Rule was designed to specifically address the protection of an individual’s personal health information. It is important for the vitality of your medical office to maintain HIPAA compliance.
Any organization that accesses patient health information is considered a covered entity and is required by law to comply with HIPAA provisions or face civil and/or criminal penalties. It is imperative that medical records remain confidential and cannot be accessed by people that do not have proper authorization. Disclosures made regarding a patient’s protected health information (PHI) without their authorization is considered violation of the Privacy Rule.

All healthcare providers have a responsibility to keep their staff trained and informed regarding HIPAA compliance. Whether intentional or accidental, unauthorized disclosure of PHI is considered a violation of HIPAA. Here are 5 tips to avoid violating HIPAA:

1. Routine Conversation. Healthcare professionals should be very careful to refrain from disclosing information through routine conversation. This can easily be done by mentioning to a third party something seemingly insignificant as saying that John Smith had an office visit today.
2. Public Areas. Discussing patient information in waiting areas, hallways or elevators should be strictly off limits. Sensitive information can be overheard by visitors or other patients. Also be sure to keep patient records out of areas that are accessible to the public.
3. Trash. PHI should never be disposed of in the trash can. Any document thrown in the trash is open to the public and therefore a breach of information.
4. Gossip. Gossip is particularly hard to control. That is why it is important that access to information be strictly limited to employees whose jobs require that information. This type of violation can be particularly damaging to the reputation of your organization especially in small communities where “everybody knows everybody.”
5. Marketing. Selling patient lists or disclosing PHI to third parties for marketing purposes is strictly prohibited without prior authorization from the patient.

Remember that disclosure of patient information should only be accessed for the purpose of providing quality care.

 

About IntelliSystems
Founded in 1993, IntelliSystems is “The Small Business IT Department”, with offices in Augusta, Aiken, and Columbia. Featuring a “60 minutes or less” response time for most technology problems, they use a proactive approach to leverage a variety of tools to manage client IT systems resulting in less “fixing” of recurring problems that rob organizations of employee productivity. Specializing in business IT services, telecommunication systems, cabling and wireless contracting, cloud services, and backup and disaster recovery management, IntelliSystems strives to be a local one call resource for IT, Internet, and telephone communications in both the CSRA and Columbia, SC areas.