
What Are the Most Common HIPAA Violations?

Last Updated: June 4, 2019

HIPAA protected health information, or PHI, is any demographic information that can be used to identify a patient. Names, addresses, phone numbers, dates of birth and social security numbers are all examples of PHI. Whenever this data is compromised, it’s likely that a HIPAA violation has occurred. HIPAA violations can be very expensive for your company, too. Each violation can cost anywhere from $100 to $50,000, with a maximum penalty of $1.5 million per year for violations of an identical provision.

Luckily, though, there are ways to reduce the risk of committing a HIPAA violation, and it begins by understanding the most common violations and how your organization may be vulnerable.

Compromised Devices

Lost or stolen devices: Losing your phone, laptop, thumb drive or other device with PHI on it is a huge liability for your organization, especially if you aren’t taking extra precautions to protect your data. Devices with confidential information on them should be password protected and encrypted for these unfortunate instances.

Insecure technology: Sharing ePHI can be risky without the proper protections on your devices and network. All communication and storage mediums need additional security to meet HIPAA compliance requirements. These include two-factor authentication, data encryption and internal auditing procedures, to name a few.

Hacking & Malware

Hacking: Instances of hacking make up 23% of HIPAA breaches. Hackers gain access to PHI by exploiting weaknesses in your system. Methods include cracking a weak password, exploiting outdated systems, phishing schemes and more. Oftentimes, an elaborate plot isn’t necessary for them; hackers are opportunists, so if you don’t keep up with your security, they’ll find a way in.

Malware: Hackers will also use malicious programs to gain entry into your system. Malware can attack a vulnerability anywhere in your system including computers, servers and networks. Without the proper antivirus or antimalware protection, malware, viruses or spyware could be running on your system unbeknownst to you.

Human Error or Criminality

Lack of employee training: HIPAA requires that anyone who will be handling PHI receive proper training, including volunteers and interns. Once all personnel have been educated on HIPAA requirements, they will be less likely to violate them by accident. Your responsibility for HIPAA compliance also extends to contractors and other associates. Any agreement with these entities should also include compliance plans or training requirements.

Improper third-party disclosure: Because of the Common Agency Provision in the HIPAA Omnibus Ruling, you are responsible for HIPAA compliance of any third-party entities you work with. Before working with any Business Associates or Business Associate subcontractors, you need to make sure there are compliance plans in place or you will be liable for improperly disclosing PHI to these third parties.

Mishandling information: Using paper records significantly raises your chances of mishandling PHI. It’s very easy for an unauthorized individual to see an unsecured paper document. Even using electronic record keeping can be problematic if employees don’t properly protect their devices.

Accidental breach: In an organization dealing with hundreds to thousands of patients, accidents are bound to happen. PHI can be sent to the wrong patient by mistake. Confidential information can accidentally be mentioned outside of the office. A social media post can include inappropriate details. Having a solid privacy policy and clear procedures in place can help prevent these occurrences.

Employee dishonesty: Whether out of curiosity or for personal gain, employees have been known to access confidential PHI data. Using or selling PHI is obviously illegal, and your organization should be aware of this and monitor PHI closely.

Improper disposal: Any information, whether paper or electronic, needs to be properly disposed of when it’s no longer necessary. Papers should be shredded and hard drives should be wiped. Even your photocopier has a hard drive. Make sure you’ve considered mobile devices as well, such as phones, tablets or laptops.

Achieve HIPAA Compliance With CompanyMileage

Our HIPAA-compliant software helps you achieve compliance standards that meet or exceed federal requirements. Our three-tiered system of data encryption, secure facilities and strict privacy policies shields your data with extra layers of protection. By storing PHI in a secure, cloud-based location, SureMileage and our mobile app, SureMobile, ensure patient information is easily accessible by authorized individuals while keeping it safe and uncompromised. Protect your data from improper handling or breach by trusting it with CompanyMileage.

To learn how our expense management software can deliver security and peace of mind to your organization, request a demo with CompanyMileage today.


Written by The CompanyMileage Team
