What Is a HIPAA Violation? (And How to Prevent It)

If you’ve ever worked in the medical field, you likely have a love-hate relationship with HIPAA violations.

Known as the Health Insurance Portability and Accountability Act guidelines, HIPAA has incredibly strict guidelines and policies which all medical professionals must follow. And if you’re not familiar with them, it can get you in some muddy waters.

Each year, thousands of HIPAA cases are reported. From “office gossip” about patients to medical supply thievery, HIPAA violations cover a wide span of offenses.

Should you break a HIPAA stipulation, you could be paying for it. For one, you could potentially have your license revoked if rightly accused. And, after that, you may be hit with fines of $50,000 or more.

Many healthcare facilities have already been fined millions of dollars.

So, what is a HIPAA violation? And how can you be sure you and those around you can avoid breaking any HIPAA policies? Keep on reading to find out

What is a HIPAA Violation?

Well, that’s a loaded question to stay the least.

There are multiple HIPAA violation cases reported each year. Ranging from security violation to administration mishaps, HIPAA violations span the gambit. HIPAA violations can even be in reference to data breaching attempts, as well.

Any malpractice or misconduct performed by a medical professional toward a patient’s health records and personal data is punishable under HIPAA. Yes, this even includes the mishandling of health insurance documents, too.

Signed in 1996, HIPAA was passed to protect an employee’s health insurance coverage should they ever lose a job. The same protections are also present when someone is in the transition from one job to the other. It also has guidelines and mandates that ensure the privacy and confidentiality of identifiable health information, too.

Where can HIPAA Violations Occur?

HIPAA Violations can occur beyond the waiting room.

Contrary to what many patients and clients think, HIPAA violations are common amongst those handling medical records. These pop up as misconducted filings, inadmissible disclosures, or purposeful surcharges billed to patients.

Also, data security breaches outside the health office are often reported to the Federal Register. These can include identity theft and unlawful downloading of security camera footage.

How Much Are Fines Under HIPAA?

It’s not cheap to break the law.

Even if someone were to unknowingly break a HIPPA rule, the fines are lofty. And even more so if you willingly break those same rules.

Below are the current fine amounts listed by the Department of Health and Human Resources:

  • Individual didn’t know they violated HIPAA: $100 – $50,000
  • Reasonable cause and not willful neglect: $1,000 – $50,000
  • Willful neglect but corrected within time: $10,000 – $50,000
  • Willful neglect and is not corrected: $50,000 – $1,500,000

What Are Examples of HIPAA Violations?

Well, there’s quite a few to put it mildly.

What is a HIPAA violation, exactly? Like we said before, any malpractice or misconduct performed by a medical professional toward a patient’s health records and personal data is punishable under HIPAA. Yes, this even includes the mishandling of health insurance documents, too.

But what are examples of that? Here’s a few list of the most common HIPAA violations and how you can avoid them:

Employee Errors can be Costly

HIPAA violations have included employees leaving unencrypted backup tapes in their unattended vehicles while parked away off site are plentiful. This also goes for employees who unlawfully take home undisclosed documents and other healthcare information.

An easy way to avoid this is to simply remember not to bring your work home with you.

Neglecting to Follow Up

Generally speaking, someone is issued a warning by HIPAA before any actions are taken. Then, after that, they have about ten days or so to procure the needed follow-up information. This can be documentation, in person testimonies, etc.

Should someone miss that timely window without requesting an extension, they forfeit their innocence. And, lo and behold, are found guilty of the violation.

How do you avoid this? Well, just be punctual, and you’ll be in the clear (hopefully). Don’t fall onto the list of organizations that ignored communications from OCR.

Not Properly Getting Rid of Patient’s Health Records

Another way to be in violation of HIPAA guidelines is to be caught poorly disposing of protected health information. Many record storage devices have emails, faxes, and even hard drives filled with patient information. If someone were to access those documents without consent after they’ve been handled, they’d be in violation of HIPAA policies.

The same can be said about the disposal of paper documents.

The general rule of thumb goes as follows:

If you’re finished with a device and that same device still contains a patient’s healthcare information, destroy it. Whether that’s clearing a hard drive or shredding mountains of paper, just do it. Better yet, hire a company (like Antec) who can do that for you professionally.

Don’t Talk About Confidential Information to Others Around You

Conversing about a patient’s private information to friends and family can be the biggest mistake of one’s career. Because you’re choosing to disclose otherwise confidential information to non-medical professionals, you’re in violation of HIPAA disclosure policies.

A simple mistake like this can have you paying off a hefty fine for years to come. It may even result in the revocation of your license.

So just remember:

Zip your lip to those who aren’t at liberty to discuss that information. Do that, and you’ll have a fulfilling career in the medical field.

But you’re more than welcome to share with them what is a HIPAA violation.

Manage your Business Practices

Be careful not to cross the line by being overly aggressive with your billing.

Medicare and Medicaid fraud are often cited as violations of HIPAA. Along with that, pharmaceutical thievery and self-profiting are also unlawful and punishable.

Cases of employee dishonesty when it comes to medical information can also be in violation of HIPAA policies. This event can include accessing a patient’s file when you’re not currently assigned to treat him or her.

How do you go about solving this, you might ask? Well, don’t let your curiosity get the best of you.

Have any more questions for us on what is a HIPAA violation? Feel free to get in contact with us!

HIPAA Security Reminders

 

HIPAA Security Suite has developed a weekly HIPAA Security Reminder series that’s FREE for all of us who are responsible for, or engaged in, the use and protection of PHI.

Pursuant to Section 164.308(a)(5) of the HIPAA Security Rule, the Standard states: Implement a security awareness and training program for all members of its workforce (including management).

This standard is part of our Best Practices Recommendations for HIPAA Security Suite users, but it’s available for FREE to anyone who wants to comply with HIPAA using the easiest, best tools available.

Subscribe!