Big Data Breach Highlights HIPAA Compliance Needs and Issues

News stories about financial data like credit card numbers being compromised by electronic security breaches have become increasingly regular. An even greater risk is posed by the theft of personal information from healthcare providers.

Publicly traded hospital operator Community Health Systems recently experienced this nightmare first-hand. According to a Securities and Exchange Commission filing, a cyberattack lasting from April to June of this year compromised the names, addresses and Social Security numbers of 4.5 million patients. U.S. Office of Civil Rights statistics rank this as the second-largest theft of patient data of all time.

The Health Insurance Portability and Accountability Act, or HIPAA, was instituted to ensure the highest standards of security for electronic data transmission in the healthcare industry. While fines for individual violations are capped at $1.5 million, there is theoretically no overall limit for penalties. In 2010, Cignet Health in Maryland was fined $4.3 million for breaching HIPAA as well as ignoring federal inquiries.

These incidents and others underscore the serious nature of data security in the healthcare industry. In order to maximize protection, HIPAA regulations were broadened to extend to so-called “business associates”. These third-party companies can also be held financially liable for any violations.

At MedConnectUSA we fully appreciate the importance of protecting the privacy of your patients. Our telephone operators and management receive ongoing training in HIPAA compliance along with random testing to assure consistency. All interactions with your patients are redundantly backed up to guarantee access even in the case of a disaster. Visit our website to learn more about our flexible service plans.