Explanation of Regulatory Compliance with HIPAA Requirements for Business Situations.
All institutions that handle personal health information (PHI) are obligated to ensure regulatory compliance with HIPAA. This law protects individuals who must entrust their PHI to institutions such as hospitals and clinics in order to get healthcare.
Team A examines the case of a former practical nurse of Riverside who willfully violated these laws. Team A will outline a plan for educating all staff regularly regarding the ramifications of HIPAA as well as ensuring regulatory compliance. In addition, Team A will discuss the penalties and other repercussions of HIPAA breaches.
A practical nurse at Riverside was able to, and did, willfully access HIPAA-protected PHI, such as Social Security numbers and medical records, of over 900 patients over a 4-year period (McCann, 2014). There is little doubt that the nurse knew the extent of the crime she was committing and the vulnerability to which she subjected the patients. She has been terminated but will likely face stiff penalties in addition.
Riverside, however, is also guilty of complacency for not conducting stringent audits. The penalty for a HIPAA-covered entity is not only fines but also the loss of trust and patient confidence, which are difficult to overcome.
HIPAA-covered entities are businesses like all other businesses. Management at such a business must institute every possible method to avoid HIPAA violations. Informing all staff as well as patients of HIPAA is the first step. Employees must go through initial HIPAA training and repeat this training regularly. Patients often receive printed information about their right to privacy under HIPAA.
Once HIPAA is ingrained among all the business staff, it is essential that management conduct surprise audits and remain vigilant about the daily conduct of staff members. Retraining is essential when a staff member breaches HIPAA by, for example, sending non-secure emails containing PHI...