Physicians Attorneys in Houston Texas

The Health Information Portability and Accountability Act (HIPAA) is undoubtedly a regulation that is well known to all medical practices that work hard to stay in compliance. Yet despite the effort that many practices take to be compliant, some may find themselves in need of physicians HIPAA compliance defense due to carelessness or simple mistakes.

Physicians attorneys assert there are a number of common violations that could result in complaints about a practice. Fortunately, these issues can be resolved by addressing the problem and creating company policies that promote HIPAA compliance. Following are some of the violations that may occur within a healthcare practice:

  • Missing Signatures and Authorization Expiration Dates - An authorization form without a signature is useless. Similarly, many authorization forms contain expiration dates. Whether a form is not signed by the patient or the date of the signature has expired, practices must not share records since they do not have proper legal authorization.

  • Inclusion of Right to Revoke - Another detail that physicians attorneys find overlooked is the inclusion of a right to revoke clause on the form. Unless this clause is present, even a signed authorization form that is within its expiration date is considered as legally invalid.

  • Failure to Release Records to Patients - According to HIPAA, patients have the right to receive their medical records in an electronic format promptly upon demand.

  • Improper Release of Patient Information - With an active authorization, patient records are to be released only to designated individuals or organizations. Instead, many practices find themselves in need of physicians HIPAA compliance defense due to the unauthorized release of records to the wrong parties, to parties excluded by the patient, or release of the wrong patient records.

  • Lost, Stolen, and Hacked Devices - Laptops, smartphones, and many other devices that can access the company network where records are stored must be carefully protected, both physically and against hacking. Theft or the breach of various types of technology is a prime cause of many HIPAA violations.

  • Unsecured or Unprotected Data - Whether patient records exist in paper or electronic format, they must be protected against access by any means. For paper copies, this means storing records in locking file cabinets or a secured and locked office. Electronic records require a secure network, strong passwords, and electronic devices that utilize encryption and appropriate data security methods.

  • Improper Disposal of Records - Shredding hard copies and removing electronic files from a computer network are not the only requirements in disposing of medical records. Practices must also consider other devices, including some copy machines, that have internal hard drives and may have retained such records. Data must be thoroughly removed from any and all devices where data may be stored including smartphones, tablets, and any other device that has access to patient records.

  • Third Party Records Release - Whenever records are released to a third party, physicians attorneys warn that a medical practice must have a third party compliance agreement in place to protect themselves. In the event the third party improperly discloses patient information, the original releasing party could also be in violation and find themselves looking for help from physicians HIPAA compliance defense services.

  • Employee Talk, Poor Training, and Dishonesty - Employees have access to patient records every day. Between the lack of proper training on HIPAA compliance and procedures, nosiness, and just plain dishonesty, some practices have violated compliancy. Employees may not discuss patients with anyone else outside the practice or access records in any way other than what is required by their job. It is up to practice owners and managers to ensure that all employees are properly trained about HIPAA compliancy to keep this from happening.

HIPAA compliance is something that every medical practice must take very seriously. Those found in violation for improper handling of patient information could face serious consequences, including large fines. Rather than taking this risk and need physicians HIPAA compliance defense, a practice should create an effective compliance plan with the help of experienced physicians attorneys who understand HIPAA and know how to prevent common violations.

The Stevenson Law Firm, PC
6302 W. Broadway, Suite 120
Pearland, TX 77581

Phone: (832) 481-4548