On October 25, 2017, personal health information (PHI) held by the UAB Medicine Clinic was exposed during a data breach. The total number of patients impacted by this threat was close to 700. Information which was stolen included last names, birth date, gender, diagnosis, date and time of the examination, numbers and images associated with test results, and the referring physician. It's reported that sensitive information such as Social Security numbers or forms of payment was not exposed.
More recently, a complaint filed by the attorney general's office of MA stated that Multi-State Billing, located in NH, did not comply with the law that required it to take reasonable steps to safeguard personal information from unauthorized access or use. Again, an AG from Massachusetts was able to file a claim against a company for not securing its customers' personal information.
The Personal Health Information Protection Act is a detailed piece of legislation which addresses complicated issues concerning the collection, use and disclosure of personal health information by health information holders.
In 2017 alone, there have already been over $45 million in fines assessed due to data breaches. It is for this reason that MedAssure is beginning to offer a breach reporting and privacy compliance service. This will educate your organization on what steps to implement to become more data safe. In case of a data breach, we supply you with vital info on where and how to report when your PHI is compromised.
Here are three steps to take to avoid a data breach:
Safeguard Data. If your office holds sensitive information which is vital for the organization, password protect the files. Only select members of staff should have the passwords to access those documents.
Get a Paper Shredder. Get in the habit of shredding documents instead of placing them straight in the garbage. Unfortunately, the classic way of getting hold of personal information still exists.
Educate/Train Employees. When an employee is hired, make sure that they understand that being data safe is regular protocol for the facility. It is highly valuable to sign up for the MedAssure CSR Readiness Program and use it as needed.
Secure Computers and Networks. Your networks should be secured and locked at all times. Don't ever give out your WiFi password or leave your network room open to access. Make sure to take the sticker which has the passcode off your router. If you want to offer WiFi in your waiting room, set up a separate network.
With all that has gone on with data breaches, as an administrator you have to anticipate that your PHI will be compromised. Last week it was reported that Uber hid a data breach affecting 57 million users and drivers for nearly a year. It can happen to organizations both big and small. All we hear about are the corporations which get affected, but data is compromised daily on all levels.
If your company is interested in the MedAssure CSR Readiness Program, you can fill out a form here or reach out to one of our account managers at 877.963.3277 Ext – 260. We guarantee that you will be more at ease when you get educated and understand the threats and how to stay protected.
Get data safe today for only $49.99 a month