Toughest Challenges with Implementing the Latest HIPAA Regulations

August 5, 2014
366 Views

Some of the newest findings on HIPAA compliance represent the top challenges faced by companies and health care institutions dealing with the laws on sensitive patient data. As the Department of Health and Human Services gears up to perform 2014 audits for HIPAA compliance, provider administrators and others are looking at issues like HIPAA-compliant hosting for Web-delivered systems, compliance for cloud security and other HIPAA requirements.

Some of the newest findings on HIPAA compliance represent the top challenges faced by companies and health care institutions dealing with the laws on sensitive patient data. As the Department of Health and Human Services gears up to perform 2014 audits for HIPAA compliance, provider administrators and others are looking at issues like HIPAA-compliant hosting for Web-delivered systems, compliance for cloud security and other HIPAA requirements.

Common Challenges with HIPAA

One recent survey conducted by Healthcare Info Security looks at the challenges healthcare businesses face in implementing the HIPAA Omnibus Rule and what they are doing to improve compliance and protect themselves from risk. One of the top findings in this particular study is that there are several consistent pain points that providers and other medical offices report in their efforts to achieve HIPAA compliance.

HIPAA implementation

Training and Educating Staff

The biggest challenge noted in this survey revolves around training and educating staff on aspects of HIPAA compliance. A full 50% of respondents claimed this as the single biggest hurdle related to the new HIPAA Omnibus Rule and other regulations in the industry. This kind of training may involve teaching staff to use secure technologies for digital transmission or to protect display information within an office or out in the field.

Healthcare professionals should not underestimate the severe consequences of an uneducated staff attempting to maintain HIPAA compliance. A recent release by U.S. Department of Health & Human Services describes a breach caused by a physician attempting to deactivate a personally-owned computer server on a network containing protected health information (PHI). When the server was deactivated, a lack of technical safeguards in this employee-administered network made the information of 6,800 individuals available on the major search engines. The breach resulted in a hefty $4.8 million settlement.

Business Associate Agreements

The next biggest challenge reported involved business associate (BA) agreements. 46% of respondents cited the challenge of creating and maintaining business associate agreements, and another 45% also mentioned the challenge of getting business associates to comply with all HIPAA regulations.  Changes to HIPAA in 2013 put third-party businesses under the umbrella of HIPAA regulation, labeling them as business associates. Any third-party business, such as a cloud computing provider that handles health data for a medical office is considered a business associate. Under HIPAA regulations, business associates must comply with aspects of the HIPAA privacy law and will be subject to audits by the Office for Civil Rights (OCR). They will also be held accountable in case of any violations or breaches. BA agreements should explicitly state the permitted and required uses and disclosures of protected health data and explain how a BA will report and respond to a security breach.

These challenges and pain points emphasize the importance of healthcare organizations partnering with the right HIPAA cloud provider. The right partner will have extensive experience signing business associate agreements and a complete HIPAA certification alleviating IT administrators’ worries of maintaining compliance of their backend infrastructure.

You may be interested

The Benefits of Providing Homecare in Your Health System
Home Health
397 views
Home Health
397 views

The Benefits of Providing Homecare in Your Health System

Jennifer E. Landis - August 14, 2017

In-home health care, colloquially known as homecare, offers untold benefits for both patients and the health care professionals providing the…

Healthcare Tech Advances That All Clinics Should Use
Medical Devices
461 views
Medical Devices
461 views

Healthcare Tech Advances That All Clinics Should Use

Dennis Hung - August 12, 2017

Healthcare will always be important to employees and the government since the issues surrounding healthcare are inherently ethical and moral…

Balancing Smart Data With Cybersecurity for Hospitals
Hospital Administration
458 views
Hospital Administration
458 views

Balancing Smart Data With Cybersecurity for Hospitals

Kayla Matthews - August 11, 2017

It should come as no surprise that your discussions and interactions with physicians and health professionals influence diagnoses, prescriptions, visit…