Healthcare organizations need to ensure PHI (Protected health information) privacy if they want to avoid steep penalties. After the HIPAA Omnibus Final Rule was published in January this year, a final deadline has been set for practices to keep PHI secure and confidential. In case healthcare providers fail to comply with the new requirements, the practices will invariably have to bear legal and financial impact, and most practitioners need to work quickly in order to avoid such a scenario.
Impact of PHI breach on practices-
The focus on PHI privacy has increased to a great extent due to rise in data breach. In the last two years, at least one case of PHI data breach has been noticed in approximately 94% healthcare practices, which is quite alarming. Internal resources are not able to discover majority of such breaches and once they are discovered, practices can be slammed with penalties of up to $1.5 million per breach.
The magnitude and frequency of PHI data breaches are skyrocketing and if it continues in the same manner, the average annual cost to healthcare industry could soon reach up to an estimated $7 billion.
Browse all : Medical Billing Services & HIPAA Articles
PHI data breaches not just result in financial and legal hassles for a practice but it also leads to operational, reputational and clinical impact. Such breaches also affect patient treatment, marring the reputation of a healthcare practice in the industry.
PHI has become more susceptible to intentional or accidental disclosure, theft or loss due to evolution of electronic health systems. Hence in today’s challenging healthcare landscape it has become essential for practices, big or small; to ensure that the possibility of above mentioned impacts is avoided before it is too late.
Challenges in complying with HIPAA requirement -
As per the state regulations and Final Privacy Rule, all healthcare organizations are required to demonstrate their access to PHI data, involving the challenging task of transition to electronic records amidst rising volume of data. If there are gaps present in the current system or log files, the process becomes more cumbersome.
Significant changes made to HIPAA by the HITECH Act has additionally placed new challenges on practices and it has become essential for them to make increased compliance efforts like-