Technology Blog »

What Can a Celebrity Teach us about HIPAA?

Avoid HIPAA Breaches block social media

A few generations ago, healthcare workers had far fewer opportunities to gossip about patients.  But with social media and instant messaging, healthcare employees have plenty of opportunities to breach information before realizing what they’ve done.  A great lesson in what a social media breach looked like involved a recent stay of Kanye West at a UCLA Medical Center.  As an international superstar, more information on why Mr. West was admitted to the facility was in high demand. 

Several employees ended up sneaking a look at his medical history and talking about it on social media, forcing the medical center to launch a breach investigation and eventually fire a number of individuals. It’s a great example of how HIPAA can affect our everyday lives, but what impact does it have on the average small- or medium-sized medical practice or medical billing company?

Smalltown Disclosures

Even if you have a small medical practice you may be treating a celebrity, especially in the NY/NJ tri-state area and just mentioning someone is a patient or has been treated  is enough to constitute a breach. Let's look at a situation that could be more likely to happen, not even involving a celebrity, imagine you run a small medical practice in a small town. You employed a high school senior as your receptionist and he or she helped a former teacher schedule a doctor’s appointment.

If the receptionist were to post about it on social media -- or even just text a couple of his or her friends -- that would constitute a data breach. Think about it, if that teacher’s appointment was for something embarrassing, students and fellow faculty knowing about it could result in quite a bit of “harm” to him or her.

Implement IT Solutions to Avoid Breaches in the First Place

In addition to conducting multiple employee trainings per year, any HIPAA-compliant office should also implement:

  • Exhaustive URL filtering to keep employees with company-provided workstations from accessing social media sites, messaging platforms, and anything that could lead to a breach.
    Thorough mobile device management solutions to keep employees from using their phones to disclose protected information while at work.

As HIPAA experts, we know the most efficient route to reliable compliance. HHS audits are on the rise, and you need a Managed IT Services consultant that leaves you feeling confident in your ability to weather whatever comes your way. For more information about our compliance services, call us today.