
Common HIPAA Mistakes in Practice

This review details nine of the most common compliance missteps physicians are making regarding protected health information (PHI). These errors may result in legal trouble, but are avoidable. These include:

1. Texting unencrypted PHI could raise serious HIPAA problems.

2. E-mailing unencrypted PHI - use applications that protect such information.

3. Failing to conduct a risk analysis - your practice must go through a series of steps to assess potential risks and vulnerabilities to the confidentiality, integrity, and availability of its electronic protected health information.

4. Failing to update your Notice of Privacy Practices.

5. Ignoring record amendment requests - if patients request this, it must be done within 60 days.

6. Not requiring formal HIPAA education and training of staff.

7. Overcharging for record copies - know what the limits are in your state.

8. Not having security controls to limit access.

9. Releasing too much information - supply only what the minimum necessary standard allows.

 


Disclosures
The author has no conflicts of interest to disclose related to this subject