A HIPAA breach has lasting impacts. A breach will trigger an investigation and may result in civil penalties. A breach can erode the patient trust in the provider and the medical community. A breach also opens your office up for litigation.
Information that has been involved in previous breaches has included patient demographics, patient financial data as well as their medical history. Once the privacy of that information has been breached, there is no way to make it confidential again. Patients have been humiliated and had their identities stolen as a result of HIPAA privacy breaches. Attorneys have found ways for patients to sue your office over a breach.
According to law firm BakerHosteler, of 23% of the lawsuits due to data breaches are in the healthcare industry. Tenet Healthcare and its affiliate Baptist Health System are currently facing a lawsuit seeking more than $1 million in damages over a data breach. Other providers have had to pay reparations over $300,000 for unauthorized disclosure of personal health information.
The best way to avoid being sued for a healthcare breach is to not have a data breach. There are many measures that your office can take to minimize the chance of a breach in your practice including:
- implementing multi factor authentication
- enabling security features on emails (SPF, DKIM, DMARC) and
- managing patch updates.
It is also vital that staff be trained in HIPAA and regularly re-trained to keep up with the constantly changing threats to your data. This training will enable them to identify situations where patient data could be inappropriately disclosed and to prevent these potentially devastating events in your practice.
If you need support to ensure your office is HIPAA compliant, reach out to TLD Systems at (631) 403 6687 or email@example.com.