Did you know that a data breach can put you out of business?
A national medical records firm is one of the latest examples of how that can happen.
On New Year’s Eve, Impairment Resources LLC’s San Diego office was broken into. Their electronically-filed information from 14,000 patients – including their addresses, Social Security numbers and medical diagnoses – were taken.
The company did its due diligence and reported the breach, but several weeks later it also filed for bankruptcy protection. According to reports, Impairment Resources had $226,000 in assets, more than $580,000 in liabilities, and the potential for countless lawsuits from individuals resulting from the data breach.
Regardless of how sensitive information gets into the wrong hands, the consequences can be significant, and it’s not just large companies at risk.
Medical practices of all sizes must be compliant to the privacy and security rules set out by the Health Insurance Portability and Accountability Act (HIPAA). There must be appropriate safeguards in place to protect patients’ health information.
Here are some of the most important safeguards:
- Develop a HIPAA compliance program and review and update it regularly
- Document policies and procedures
- Be sure HIPAA training is in place for employees
- Introduce a shred-all document shredding policy to ensure all sensitive documents are securely disposed of and permanently destroyed when no longer needed