Open Enrollment is hectic enough without adding a HIPAA breach to your mountain of work. Here are 5 tips for staying HIPAA compliant during the busy open enrollment season:
1. Don’t leave your laptop unattended! How many of us leave our laptop in our car when we run into the grocery store or go to our kids’ sports event right after work? Even if your laptop is encrypted, keep it on your person when you’re running errands or traveling to ensure it doesn’t get stolen.
2. Slow down and double-check that email. If you have access to PHI, most likely you have a way to encrypt ePHI before sending. The catch: it only works if you remember to use it! Slow down and triple-check that you are sending that PHI to the right person and through a secure channel.
3. Don’t print PHI unless it’s absolutely necessary! Bottom line, most PHI doesn’t need to be printed. If it absolutely must be printed, use a printer with passcodes that will only print while you’re standing at the printer.
4. Have a clean desk policy! We’ll say it again… most PHI doesn’t need to be printed! But if you have printed PHI, make it a policy not to leave your desk without securing PHI in a locked cabinet or shredding it if it is no longer needed.
5. Work on PHI in a private space. Remote work gives us the freedom to do our jobs in an airport, coffee shop, friend’s house, wherever! Remote work also opens us up to unsecured networks and prying eyes. Avoid working on anything PHI-related in unsecured spaces.
Remember: penalties can range from $100-$50,000 per violation, depending on circumstances. Let’s also not forget how costly HIPAA breaches can be beyond penalties:
- Public perception
- Staff time and morale
- Legal fees
- Loss of staff and client trust
Check out our “Do This, Not That!” poster! Share with your team or hang this up for a visual reminder!