Healthcare Organizations Concerned about HIPAA Security and Compliance

A recent survey conducted by eFax aimed to discover some of the main issues faced by HIPAA-covered entities when it comes to the transmission of Protected Health Information (PHI). The survey was conducted to allow the company to explore healthcare communications and to identify some of the key issues which need to be addressed to help IT administrators become, and stay, compliant with HIPAA.

The survey was sent to the company’s corporate healthcare customers, which included large healthcare providers and hospitals, physician, group practices and medical suppliers.

HIPAA Compliance is the Major Concern

54.1% of respondents said that HIPAA compliance was their biggest area of concern for dealing with the increase in paperwork that comes with healthcare exchanges and the Affordable Care Act.

It is now 6 months on from the issuing of the Omnibus Rule and compliance is still clearly a major problem, as are the huge financial penalties that can be issued for HIPAA violations. 37.1% of respondents said that their biggest security concern about PHI and sensitive data was financial liability for HIPAA violations.

Last month, data breaches exposed the records of over 201,000 individuals, with 24 breaches reported to the Office for Civil Rights (OCR). The OCR investigates breach reports for indications of HIPAA violations, and a compliance review can be triggered if violations are suspected.

Even if violations did not contribute to the cause of a breach, financial penalties can still be issued. The fines can be as high as $1.5 million, per violation category, with that number then multiplied by the number of years the violation was allowed to persist.

Technology to Help with HIPAA

The survey asked about the main technologies to ensure compliance with HIPAA, with respondents selecting private cloud computing and IT disaster recovery/offsite backups as providing the most value, with 46.5% and 48.5% of respondents selecting these choices. Internal tracking software to monitor logins and access were also selected as offering the most value by 44% of respondents.

The main technology priority for the year for the organizations questioned was fairly evenly divided, with EHRs on top with 31.1%, mobile solutions second with 26.7%, cloud-based applications third with 24.4%, and data analytics was the main priority for 17.8% of respondents.

Author: Steve Alder has many years of experience as a journalist, and comes from a background in market research. He is a specialist on legal and regulatory affairs, and has several years of experience writing about HIPAA. Steve holds a B.Sc. from the University of Liverpool.