Understanding some common HIPAA violations

People in North Carolina who work in the health care industry know that they are mandated to follow the rules set forth to protect patient information by the Health Insurance and Portability Act. While most people have a basic understanding of what HIPAA refers to, not everyone may understand the broad range of things that can be involved in an alleged violation of this law.

As explained by HIPAA Journal, management of protected health information is associated with many such violations. The act of leaving a device containing PHI, such as a laptop, unattended may give rise to a complaint. Another common factor is the disclosure of personal or protected data to the wrong party or in the wrong manner. For example, such information is not to be sent via a personal email account. An employer is not allowed to be informed of an employee’s health condition. Similarly, the deletion or disposal of any PHI must be done in a manner consistent with HIPAA but often is not.

Medical organizations are responsible for HIPAA compliance at a high level, yet many end up at risk of a violation if they do not have a strong process in place to assess their risks across the enterprise and enact a risk management plan and process.

If you would like to learn more about how to protect your professional career, as well as some things that may contribute to allegations of law violations, please feel free to visit the HIPAA violations page of our North Carolina health care practice and business website.