Most of us know the HIPAA Privacy Rule primarily as that document you sign when you go to the pharmacist. But if your business is in the health industry or intersects with it, HIPAA is a great deal more than that. Even if you aren’t directly connected to this sector, it's helpful to understand the ramifications of digital privacy and security.
Earlier this year, the Cancer Care Group, an Indiana-based oncology practice, got hit with a $750,000 fine for a breach of patient information from an unsecured device. This underscores the need for healthcare-oriented sites to pay particular attention to online security.
What is the HIPAA Privacy Rule?
The Rule “requires appropriate safeguards to protect the privacy of personal health information, and sets limits and conditions on the uses and disclosures that may be made of such information without patient authorization.”
“In addition,” says the CMS, “health plans will be required to certify their compliance. The Act provides for substantial penalties for failures to certify or comply with the new standards and operating rules.”
What the HIPAA Privacy Rule Means for You
The Cancer Care Group breach illustrates several issues regarding online security:
- Saving money by neglecting safety will eventually cost you far more money than you would have spent originally.
- If the absence of security leads to a breach, you will pay for it with your reputation.
When it comes to data breaches, it’s always better to play it safe. You shouldn’t be taking risks when it comes to the security of your data and your business, no matter the sector you’re associated with.
If you need help with securing such data, you can turn to EiQ to consult experts in the field. EiQ’s security monitoring technology and managed services will help you avoid what happened to the Cancer Care Group.