HIPAA and Small Businesses

Want to know a quick way to receive a $50,000 fine (or more) for your business? It’s easy; don’t take the necessary steps to eliminate confidential client information, and wait to see what happens. This is not a step-by-step guide for how to close up shop, mind you, but rather a warning as to what could happen if your firm is not doing everything in its power to handle records. Passed into law in 1996, the Health Insurance Portability and Accountability Act (HIPAA) set forth new standards companies are required to meet concerning transactions which pertain to patient medical records.

 

Thus, small business owners that have any form of contact with such documents should take note of the consequences of not doing so. That $50,000 fine is not just some made up figure to scare companies into compliance, as one small healthcare company in Idaho found out recently this year. A lot of companies are not taking HIPAA as seriously as they should, and it is only a matter of time before violators are caught. The federal government takes these matters very seriously and is clearly quick to issue hefty fines in this regard. Here are some tips for ensuring every file you process is securely protected.

 

Complying with HIPAA: Ways to Avoid a Fine

 

  • Hire a shredding service company; A Shred Ahead processes millions of confidential records every year, and we utilize the equipment needed to render these files completely unusable. Whatever you do, do not throw documents in the garbage. All it takes is one determined criminal to make this slip-up extremely costly. Shredding should be considered mandatory.
  • Protect your network; installing a quality antivirus, spyware, and firewall on every computer in your office that has an internet connection. In the digital world, hackers are a force to be reckoned with. As well, don’t allow employees to plug in flash drives or other devices which may compromise desktop hard drive data.
  • Send secure e-mails; even if you know the person on the receiving end of the message is trusted, you should not be taking any chances. Not only could the files be viewed by unauthorized staff, issues also could occur during the transmission of the file, in effect making it vulnerable.
  • Maintain accurate databases; this is true for both hard and digital copies. A messy inventory increases the risk of losing files, and that is not good.

 

HIPAA is not just something large corporations need to be aware of, as it affects all companies. Don’t get into trouble by making a simple mistake.