The government emphasis on patient privacy has resulted in increased penalties for HIPAA violations. Studies suggest, however, that medical practices often fail to comply with HIPAA guidelines for securing health information. The article “Most Practices Face Increased HIPAA Risks Due to Security Lags,” in Physicians Practice summarized some of the most troubling findings regarding HIPAA violations. Keep in mind that in healthcare PR, data security violations can become major PR crises.

The following are the three of the most concerning findings and guidance on how to step up security:

  1. Only thirty-one percent of respondents say that they have implemented guidelines for bringing mobile devices to work in healthcare settings. Many security breaches are due to theft or misplacement of mobile devices that contain private information. Utilizing these devices in a work setting is a huge risk for patient privacy. Regulating the use of mobile phones is crucial for protecting patient privacy. To avoid problems, a workplace can create a mobile device agreement that reinforces the importance of mobile security. A workplace can also mandate that all mobile devices be encrypted and password protected to avoid any problems.
  2. Only sixty-one percent of respondents back up their data securely on a second server. HIPAA mandates that practices maintain retrievable copies of ePHI, however many are failing to comply. Many healthcare workplaces feel as though this is a daunting project; however it is often simple to do. Moving to the Apple Cloud is an easy way for businesses to automatically back up their patient data.
  3. Only thirty-one percent of practices have conducted a risk analysis. Though a risk analysis is mandatory under HIPAA, many practices are failing to comply and conduct a thorough assessment of the potential risks. If practices fail to comply with this standard, their confidentiality, integrity, and availability of their electronic protected health information are at risk.

It is important for medical practices to take steps to secure private patient information and avoid HIPAA violations. Is your practice taking appropriate action to secure patient information?

If you’re in healthcare, insurance, technology or other professional services industries, and need help with a PR, marketing or social media campaign, contact Scott Public Relations.

Like what you’ve read? Follow Scott Public Relations on Facebook , Twitter, Pinterest, LinkedIn and Google+. For convenient blog updates, sign up for the Einsight RSS feed!

(Note: Many internet browser platforms are discontinuing their internal RSS reader. If you are viewing this in Google Chrome the RSS feed will not work properly since they discontinued Google Reader. If you have an independent reader set up already you should be fine. If you do not, may we suggest you look to Digg Reader, AOL Reader, or our personal favorite – Feedly to handle your RSS feeds. Happy reading.)