The Meridian Blog: Tech News, Tips & More for SMB and Enterprise Environments

Five Best Practices to Avoid Common HIPAA Violations

Posted by Juliana Lee
June 6, 2017

Fines up to $1.5 million, loss of clients, and negative publicity are just some of the serious consequences of violating the 1996 Health Insurance Portability and Accountability Act (HIPAA).

The penalties for non-compliance are based on the level of negligence, and in some cases carry criminal charges that can result in jail sentences. HIPAA compliance is serious business, and when penalties are levied, one of the main things taken into consideration is what, if any, preventive steps were taken.

With that in mind, here are some basic best practices to implement regarding HIPAA compliance, including:

  1. Comprehension of the guidelines
  2. Training
  3. Guard against third-party disclosure
  4. Proper disposal methods
  5. Mobile device management

Read on to learn about each of these five best practices, and how you can implement them.

Who Needs to be HIPAA Compliant?

Posted by Robert Bruce
June 24, 2015

The common misconception that the Health Insurance Portability and Accountability Act (HIPAA) is just for medical companies is one that could have serious consequences, especially for a small-to-midsized business (SMB).

The act has official rules that specify required compliance by covered entities (CE), which are: healthcare providers, health plans, or healthcare clearinghouses, and business associates — that is, any company that comes in contact with electronic protected health information (e-PHI). According to the U.S. Department of Health and Human Services, all of these are considered covered entities and must comply with HIPAA encryption requirements to protect the privacy and security of protected health information.

Keep reading to learn more about:

  1. Who needs to be HIPAA compliant
  2. Why being compliant is a necessity
  3. PHI implications
  4. And more

5 HIPAA Compliance Best Practices and How MSPs Keep DC SMBs Compliant

Posted by Juliana Lee
March 10, 2015

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) protects health insurance coverage for workers and their families when they change or lose their jobs. Unprotected health information can be a tempting target for hackers and other data thieves, as illustrated by the recent data attacks on Anthem, one of the largest health insurers in the US.

In 2003, the U.S. Department of Health and Human Services (HHS) finalized its HIPAA security rule to provide organizations with “administrative, physical and technical guidelines” to safeguard protected health information (PHI). The Privacy Rule addresses the use and disclosure of individuals’ health information by organizations subject to the Rule, called “covered entities.” Within HHS, the Office for Civil Rights (OCR) has the responsibility for implementing and enforcing the Privacy Rule with respect to voluntary compliance activities and civil money penalties, ranging from $100 to as much as $1.5 million. The law also allows for criminal penalties of up to 10 years in prison for HIPAA privacy violations.

With so much at stake, many large medical and health enterprises, particularly those with their own IT departments, have dedicated HIPAA specialists whose primary task is to guard against any kind of HIPAA non-compliance. Some smaller businesses, especially medical practices, without a resident IT HIPAA specialist are partnering with a trusted Managed Services Provider (MSP) to ensure HIPAA compliance. HIPAA compliance requires a concentrated team effort and attention to detail.

Here are five essential best practices for HIPAA compliance:

  1. Perform a Protected Health Information Inventory
  2. Evaluate Your Security Policies
  3. Conduct a Risk Analysis
  4. Plan for Contingencies
  5. Have an Incident Response Policy and a Disaster Recovery Plan

Read on to learn more about how you can implement each of these compliance best practices.

Five Compliance Environments You Should Know About

Posted by Robert Bruce
March 4, 2014

In the Digital Age, document storage and compliance with local, state, and federal regulations have never been more important, nor more complicated. From Sarbanes-Oxley to the Affordable Care Act, the devil is in the details. And those details involve accurate record-keeping solutions. These solutions may vary from using dedicated software to employing an outsourced managed document services provider.
