While it's unfortunate to think about, hospitals are made up of human workers, and these individuals sometimes make errors. This is something that every hospital needs to prepare for, whether they are a large hospital or a small medical facility with only a few workers. For example, HIPAA violations could be quite costly, with some penalties under the HITECH ACT of 2009 reaching $1 million in fines.
Even though this case involved a large hospital losing paperwork with important information, healthcare IT professionals at all types of medical facilities can learn the precautions to take by looking at this example.
Mony Weschler, the director of ancillary informatics at New York's Montefiore Medical Center, spoke to InformationWeek Healthcare about how IT departments are switching up their practices due to the laws. In the interview, she said that in order to reach full HIPAA compliance, IT organizations now need to ensure information is protected when it transfers between employees or to patients.
Specifically, Weschler cited electronic communications with patients, according to the news source. She said the process is no longer as simple as emailing a report, that instead healthcare providers need to set up sophisticated passwords and IDs so that patients can access reports electronically.
Certain computer providers offer products and services that could help encrypt messages before, during and after they are sent. However, to ensure that a facility's transition to a HIPAA-compliant paperless medical office complete with EMR software runs smoothly, doctors may want to speak with a company that can offer consulting and expert guidance when it comes to any major transition.
By working with a trusted provider of medical software, doctors could gain the support they need and the ability to put their focus where it's most needed, on patients.