How to Recover from a HIPAA Breach - Health Works Collective

If you find yourself in the midst of a HIPAA breach, your first instinct might be to panic, but you need not. While a security breach of any kind is a high stress event, keeping cool headed and following tried and true HIPPA breach recovery protocols will help you avoid further trouble down the line.

Step One: Understanding a HIPPA Breach

What defines a HIPPA breach? Any release of information protected under HIPAA that violates the protection standard set forth by the rule. When you think of a breach you probably think of massive security breaches that result in thousands of records being released into the wrong hands — but sometimes breaches occur on a much smaller scale. Just because they only impact one or two patients doesn’t mean they should be regarded with less weight than a numerically larger one.

A textbook example would be mailing test results to the wrong patient or giving someone another patient’s after visit summary at a doctor’s appointment. These things might seem like laughable accidents, but in the wrong hands patient information can quickly become a hotbed of identity theft potential. No breach should be regarded as insignificant.

Step Two: Assess

The first step after any suspected HIPAA breach is to assess how much information was impacted and compare it to national reporting standards. Typically, if more than 500 patient records are involved, you must notify the public that a breach has occurred. Generally speaking, regardless of the size of the breach — or even the confirmation that a breach has occurred — there must be internal notification up the chain of command within the hospital system itself, usually facilitated by the hospital’s privacy officer (who may or may not be affiliated with the health information department).

READ

What To Expect At A Cannabis Vape Lounge

Step Three: Notification

In instances where there are clearly identified patients involved, you should begin the process of notifying them via an official letter from your organization without delay. Generally speaking you are allowed 60 days after the breach to make your notifications, but the process should begin as soon as you’ve discovered it. This letter should inform the patient of what occurred, what’s being done by the hospital to rectify it and what the patient should do to protect themselves.

It would be in your hospital’s best interest to offer help wherever you can, particularly in the form of offering the patient something like credit monitoring in order to help reduce the likelihood that your mistake will negatively impact their lives. For any breach involving less than 500 people, you still need to notify DHHS annually.

Step Four: Reassess your liability and take action

If you haven’t purchased regulatory liability insurance, don’t wait. Most plans will cover HIPAA breaches as well as other issues related to compliance, intentional or not. For staff, the intent of the breach (wittingly or unwittingly) will determine in large part the type of disciplinary action they receive.

For example, if a nurse knows that she isn’t supposed to go snooping in her neighbor’s medical record since she isn’t that person’s nurse, but does it anyway, that would warrant disciplinary action far more severe than if a nurse stumbled into the wrong record because she used the wrong birth date and got into a record of a different “Jane Smith” – only to realize her error and report it immediately. Penalties can range anywhere from a few hundred dollars to a few hundred thousand dollars, depending on the nature and size. There are both federal and state penalties, so combining both could be a hefty set of fines for any hospital that’s experienced a breach.

READ

Here Are the Best Ways to Promote Your Business at the Next Health and Wellness Expo

Step Five: Reevaluate your policies and debrief

Since you’ve properly documented the entire process (right?) you can now assess the event from a bird’s eye view with your privacy officer and other pertinent staff members to uncover why the breach occurred and what could have prevented it, if anything.

If you find that there was a flaw, say, in your EMR steps should be taken immediately to patch it. If there are personnel issues, disciplinary action should be taken and in some cases, if there have been multiple offenses, an employee may need to be terminated. If you have experienced a few breaches rather close together, you should be looking to see if there are any patterns or common denominators in the events that could lead you to a culprit.

Most importantly, remember to keep all documentation around the breach and its aftermath for six years after the event occurs. Not only will the records be of value to you in the event of a lawsuit, but as previously mentioned, if there are future breaches you may want to come back to a particular event that seemed somewhat similar and see if you can establish a pattern or link between them.

Knowledge is power, as they say, and when it comes to patient data breaches understanding the why and the how is just as important — if not more so — than the who!

The post How To Recover From a HIPAA Breach appeared first on BHM Healthcare Solutions.

What Would Medicare For All Mean For Healthcare Entrepreneurs?

Here Are the Best Ways to Promote Your Business at the Next Health and Wellness Expo

How to Find the Best Hosting Provider for Your Medical Website

Will The Surge In Celebrity Surrogacy Change The Business Of Fertility?

What Would Medicare For All Mean For Healthcare Entrepreneurs?

Entrepreneurs Must Integrate Mission-Driven Strategic Investors

6 Healthcare Financial KPIs You Need for 2017

Determining the ROI on Aquatic Therapy in Your PT Practice

What Would Medicare For All Mean For Healthcare Entrepreneurs?

4 Strategic Approaches To Reducing Hospital Errors

Think Patients Are Bad At Communicating? Rethink Your Systems

8 Of The Most Bizarre Medical Malpractice Cases Out There

7 Tips To Make Sure Your Medical Practice Is Found Online

Healthcare Blockchain Technology: The Good, Bad, And Terrible

How Doctors Can Use Mobile eHealth Apps To Monitor Their Patients

Here’s The Real Truth About Online Medical Services

How Cryptocurrency Benefits Medical Billing Services

Why Blockchain In Healthcare Could Be A Game Changer For EHRs

Here’s Why The Lab Automation Market Is Growing

8 Of The Most Bizarre Medical Malpractice Cases Out There

How Doctors Can Use Mobile eHealth Apps To Monitor Their Patients

6 Ways Mobile Applications Bring Value to Patients and Doctors

The Role Of The Internet Of Medical Things In Healthcare

All The Ingredients You Need For A Successful Health Insurance App

Technological Advancements in The Medical Field That You Should Keep An Eye On

mHealth Apps And Digital Doctors: The Future Of The Healthcare Sector?

EHR For Rural Hospitals: Criteria And Access

How Big Data Can Be Used To Prevent Fatal Heart Attack

7 Tips To Make Sure Your Medical Practice Is Found Online

4 Top Reasons Why App Developers Love Apple Health Records API

Should Healthcare Care About Branding?

How can Healthcare Professionals Manage their Reputation Online

Healthcare Blockchain Technology: The Good, Bad, And Terrible

5 Trends That Are Impacting The Healthcare Industry

How Doctors Can Use Mobile eHealth Apps To Monitor Their Patients

Here’s The Real Truth About Online Medical Services

5 Reasons Why Medical Device Machining Should Be Done By Professionals

Big Data: How Smart Medical Devices Can Change the Future of Healthcare

People Suffering From Hearing Loss Can Be Helped By Technology

Revolutionary Therapeutics For Neuroendocrine Carcinoma Are Underway

9 Medical Technologies Revolutionizing Healthcare

The Rise Of eHealth: Staying Relevant In The Digital Healthcare Paradigm

Here’s How Millennials Impact Clinical Research And The Health Sector

The Revolutionary Advent Of Precision Medicine In Cancer Treatment

Why The Psoriatic Arthritis Treatment Market Is Set To Grow

What To Expect At A Cannabis Vape Lounge

How Self-Determination Theory Can Improve Medical Students’ Motivation

How Medical Advancements Could Change Hepatitis B Diagnoses In 2019

Here’s Why The Lab Automation Market Is Growing

Can CBD Oil Lower Your Weight Or Improve Your Cholesterol?

Try These Delicious And Healthy Alternatives To Junk Food

Take These Important Steps To Fight Periodontal Disease

Health Risks Associated With Substance Abuse To Know About

Is It Time to See a Cardiologist?

Can Artificial Intelligence Diagnose Illnesses Better Than Other Methods?

The Complicated Rise of Interventional Cardiologists

How Big Data Can Be Used To Prevent Fatal Heart Attack

Take These 4 Important Steps For Healthy And Happy Aging

Living Alone When You’ve Been Diagnosed With Alzheimer’s

A Guide To Healthy Aging And Happier Golden Years

10 Early Dementia Signs You Need To Be Aware Of

How a Meal Delivery Subscription Service Can Help You Reach Your Weight Loss Goals

7 Important Health-Related Reasons To Burn Excess Fat

The Weight Conscious Doctor: Why Sensitivity Matters

Top 5 Reasons Why you’re Not Losing Weight on Your Diet

4 Terrible Injuries That Can Happen Because of a Motorcycle Accident

Baby Boomer’s Guide to Dealing with Knee Problems

The Woes Of Modern Posture Struggles And Poor Furniture Support

What Is Scoliosis? 4 Ways To Treat It

Radiology as an Enterprise Model for Collaboration

Relationship Between Clinical Decision Support Systems (CDSS) & Radiology Must Evolve

Diagnostic Reading #33: Five Must-Read Articles from the Past Week

2015 CPT Coding Changes and Your Radiology Practice

Can CBD Oil Lower Your Weight Or Improve Your Cholesterol?

Try These Delicious And Healthy Alternatives To Junk Food

Take These Important Steps To Fight Periodontal Disease

Health Risks Associated With Substance Abuse To Know About

Try These Delicious And Healthy Alternatives To Junk Food

Important Key Benefits Of Turmeric To Know About

Here’s How To Trick Yourself Into Exercising More And Staying Motivated