Above all, I value medical providers who practice good medicine for their patients, and that often means ignoring everything -- politics, insurance, regulatory niggles -- outside the room.
But sometimes I hear fellow medical providers flaut HIPAA dangers in ways that, ultimately, put their ability to care for patients at risk. Doctors text patient questions to each other. They use their phone's built-in camera roll for patient photos. They email medical records or other info back and forth to each other.
It recently came to our attention that the first HIPAA noncompliance enforcement actions are likely to hit business associates in coming months. Business associates became directly liable for HIPAA in 2013, and actions take 2-3 years to settle -- so we should see those first fines soon. Since these rules can be confusing -- and because HIPAA fines can be catastrophic -- we wanted to bring a roundup of our best tips and and perspectives on staying HIPAA compliant.
Tools for staying HIPAA compliant, even while doing healthcare collaboration and telemedicine:
- Know your risks and the consequences of violating HIPAA
- Read up on the definition of business associates and how to assess your risk.
- Explore tips for avoiding HIPAA and audit failures
- Never use email for patient health information (PHI)
- Never use your phone's camera roll for patient photos
- Be cautious about BYOD policies but don't reject the use of smartphones for healthcare collaboration.
- Don't overcomplicate things -- do at least these 3 simple things to keep yourself HIPAA-safe.
- Know what to do if you lose your smartphone.
We know from watching our colleagues and customers that you can do healthcare collaboration and telemedicine in ways that are compliant with HIPAA. It just means doing what's right for the patient -- and knowing your boundaries as you do so.
Learn to avoid the "bring your own device" (BYOD) pitfall to staying HIPAA compliant. Get our free white paper: