Elizabeth Anderson spends her time at Rhinogram helping healthcare professionals achieve compliance. This week we asked her about the patterns she sees emerging across the healthcare industry.
Are you a texter or a talker?
Oh, I am most definitely a texter. I typically don’t have time to stop everything for a call. I like the freedom texting gives you to move in and out of conversation throughout the day. It gives me more time to do what I want, when I want.
What most surprised you during your HIPAA certification process?
Several things, really. HIPAA is such a HUGE topic, and so many people have no idea about it whatsoever. I was shocked, of course, by the expense of the fines. A single security breach can lead to a $50,000 fine, even if you had no idea the breach occurred.
I also thought it was interesting that the office of civil rights expects every practice to know and implement every HIPAA rule there is. Patients can ignore HIPAA completely, but it doesn’t work for offices to claim ignorance. I guess the biggest surprise is how few offices are not truly ready for an audit. Lots of offices don’t even realize there are different types of audits!
Honestly, all of this made me want to help healthcare teams even more. Someone needs to help them prepare, why not me?
Most HIPAA violations are accidental. What kind of mistake do you see most often?
It has to do with communications, hands down. I think a lot of offices aren’t aware of the 18 identifiers, and they mistakenly communicate PHI in ways that aren’t secure. I’ve seen so many offices talking to patients on the phone while everyone in the waiting room can hear their conversation, and that is definitely a huge violation. If anyone with any HIPAA knowledge heard that, they would report them immediately.
How has understanding HIPAA changed your experience as a patient?
More and more, I want improved security and better conversations with my healthcare providers. It’s funny, I catch myself walking by or sitting in offices and wanting to go and talk to them about protecting not only me, but also themselves. I see so many violations everywhere now, and it’s not offices purposely doing it; they just don’t know.
Smartphones are now used for texting more than calling. How has that changed best HIPAA practices?
If anything, it supports best HIPAA practices. If you’re texting in a HIPAA-compliant way, those conversations are more secure than a phone call. And if the patient prefers texting (84% of them do), it’s also more personalized.