2. Training of ALL Employees on HIPAA Regulations
Health Resources screen employees for any violations
Mandatory training of professional staff for adherence
Training for all support staff on HIPAA guidelines
Emphasize civil penalties and criminal penalties
HIPAA states: $50,000 and imprisonment 1 year
HIPAA states: $100,000 and imprisonment 5 years if disclosure under false pretenses
HIPAA states: $250,000 and imprisonment 10 years if intent is to sell information for personal gain or malicious harm
3. Things to Avoid to Prevent the Breach of Patient Information
Check the security of laptops, smartphones, and tablets
Mobile devices, file-sharing applications and cloud-based services must be secured
Unsecured medical devices become vulnerable to hackers
Increase security of Health Information Exchanges and convince organizations to join
Increase annual security-risk assessments
4. HIPAA New 2013 Policies
January 17th: finished version of the 563-page regulation document implementing HIPAA
Takes effect March 26th and must comply by September 23
Stricter regulations on subcontractors' handling of sensitive patient information:
Business Associates
Information Technology Companies
Law Firms
Breaches must be reported when information is wrongfully disclosed
Restrictions placed on marketing of information