HIPAA May be the Least of Your Compliance Worries

The following is a guest blog post by Mike Semel from Semel Consulting. Check out all of Mike Semel’s EMR and HIPAA blog posts.

What requirements have you hidden away?

I visited a new healthcare client last week, and asked if anything in particular made them call us for help with their HIPAA compliance. They surprised me by saying that their insurance company had refused to sell them a cyber-liability/data breach insurance policy, after they saw the answers on our client’s application.

When was the last time you heard about an insurance company not selling a policy? That’s like McDonald’s looking you over, and then refusing to sell you a Big Mac. Our client was scared that they would have to risk the full financial burden of a data breach, which, based on the number of medical records they have, could exceed $10 million.

Everyone knows that HIPAA is a compliance requirement. But it isn’t the only one you should focus on. Use my definition of Compliance, which is, simply, having to do things required by OTHERS.

We personally deal with compliance requirements all the time. We stop at traffic lights. We have our car inspected. We fasten our seat belts. We empty our pockets at airport security. We pay our bills on time. At work, we wear an ID badge, show up on time, and park in an approved space. At home, we take our dirty shoes off before walking on the carpet. There are risks associated with NOT doing each of these things.

It can be a big mistake to focus so much o...
Source: EMR and HIPAA - Category: Information Technology - Source Type: blogs