The Health Information Portability and Accountability Act, also known as HIPAA, sets the standard for healthcare data protection. Health information must be protected. The information regulated by HIPAA is called protected health information or PHI. This directly affects hospitals and clinics, assisted living communities, human resources personnel files (FMLA and ADA), as well as today’s technology.
Now more than ever, we are technology driven in just about every aspect of lives – millions use fitness trackers, smartwatches that record and track bio-metric data. Apps on phones and tablets also maintain and store health information, and it keeps evolving. Even Amazon’s Alexa voice-activated assistant has become HIPAA compliant.
Beyond the apparent confidentiality reasons, fraud related to the protection or lack thereof of health information is a billion-dollar industry. The risks and fines associated with HIPAA violations can be as high as $25,000.00 per instance. In 2018, the University of Texas MD Anderson Cancer Center was given a penalty of $4.3M for HIPAA violations by the Department of Health and Human Services (HHS) for failing to protect health information. Another HIPAA violation case that made headlines involved a former nurse who stole protected health information from over 105 patients and filed fraudulent tax claims with the IRS totally over $1M.
Internal snooping can garner fines and embarrassment as well. In 2019, Northwestern Memorial Hospital fired dozens of employees for violating HIPAA and their institutional guidelines for patient privacy when it was determined that employees illegally accessed the medical files of actor, Jussie Smollett, who was treated and released during a high-profile case that gained national attention. In 2008, UCLA fired 13 employees and suspended six others for accessing the popstar, Britney Spears’s medical records.
Again, healthcare organizations are not the only ones that need to be HIPAA compliant. Any organizations, entities, vendors, or individuals with potential access to PHI data must be compliant. This includes billing, human resources, insurance providers, shredding services, IT service providers, email encryption services, and cloud or physical storage providers should ensure HIPAA training, education, and awareness. Also, any companies that offer technologies that monitor, record, track, or analyze biometric activity need to ensure their devices are operating in compliance with HIPAA guidelines and security rules.
HIPAA Knowledge Tests Improve Compliance
Companies need employees who are knowledgeable about HIPAA to help enforce and ensure HIPAA compliance enterprise-wide. The best way to recruit and screen HIPAA specialist is to administer HIPAA assessment tests to ensure the candidate has knowledge and understanding of HIPAA rules. For instance, privacy rule, security rule, omnibus rule, and breach notification rule.
eSkill is the #1 skills assessment test provider to Healthcare organizations. Use HIPAA tests to build more competent organizational practices, culture, and communications around HIPAA compliance.
Chris Fields is an HR professional and expert resume writer with more than 13 years of experience as a former practitioner and current HR consultant. He is the curator of two websites: CostofWork.com and ResumeCrusade.com , and contributes HR-focused content to many others, including PerformanceICreate.com and SmartRecruiters.com .
He has been listed by the Huffington Post as one of the “Top 100 Most Social Human Resources Experts to Follow on Twitter”, one of the “Top 40 under 40” by the HR Blogger Network, one of the “25 Must-Read HR Blogs in 2013”, and also featured on Oprah.com.
He is very active with the Society of Human Resource Management, working closely with conference directors, communication chairs, and social media teams from Illinois, Oklahoma, and Tennessee to develop social strategies to engage attendees and enhance their conference experience.
Chris earned his master’s degree in Labor and Human Resources from Ohio State University. In 2005, he moved back to his hometown of Memphis, TN, where he has developed a reputation for helping his clients create HR strategies, and individuals master the tough economic challenges of the South.