|Over the course of the year, we have seen new ways to violate HIPAA as well as some old standards. Noted below are a few HIPAA issues for your consideration.
Office Laptop: One practice kept a lot of patient files and information on a laptop’s hard drive. The laptop was stolen. Now, the laptop had a password to enable use but, there is still a potential HIPAA violation waiting to happen. If you are using a laptop or really any other computer, try to ensure all saved files are stored on a secured server and not on the hard drive. One must also be cognizant of other viewers while using a laptop in a public forum (or on a plane) to finish charting some notes or other use of information.
Smartphone: We have had a couple physicians send us pictures of a patient’s leg to show the size and severity of the ulcer, etc. Appended to the picture was the patient’s name. Unfortunately, your smartphone is not an approved method of sending patient information and should never really happen.
Email: The most common issue we see is Patient Health Information (PHI) being sent via email. Sometimes that information is in the header of the email and sometimes in the body of the email. Occasionally it is an attached file. With all of the different email systems that have been hacked, email is NOT a secured format for sending patient information unless you have a secured system. These secured systems can be purchased and added to your email service and are not terribly expensive.
Privacy concerns, given all of the issues with social media platforms and the hacking of data, are starting to rise to the forefront. A few simple steps can help eliminate some rather glaring HIPAA violations.