At Computer Techs we make sure you don't have to work on your technology.

What Are Some Common HIPAA Violations?


What Are Some Common HIPAA Violations?

When discussing common HIPAA violations of HIPAA laws, it’s important to remember that every business is different.

The bottom line is that all these violations must relate in some way to the loss of HIPAA protected health information (PHI). PHI is any demographic information that can be used to identify a patient. Common examples of PHI include names, dates of birth, addresses, phone numbers, email addresses, Social Security numbers, insurance ID numbers, health care records, and full facial photos, to name a few.

Some causes of most common HIPAA violations are data breaches that can lead to HIPAA fines. Examples of incidents that can lead to data breaches and subsequent HIPAA violation are listed here:

  • Stolen/lost laptop
  • Stolen/lost smart phone
  • Stolen/lost USB device
  • Malware incident
  • Ransomware attack
  • Hacking
  • Business associate breach
  • EHR reach
  • Office break-in
  • Sending PHI to the wrong patient/contact
  • Discussing PHI outside of the office
  • Social media posts

HIPAA violations commonly fall into these few categories:

  • Uses and disclosures
  • Improper security safeguards
  • The Minimum Necessary Rule
  • Access controls
  • Notice of Privacy Practices

Any of the common HIPAA violations discussed in the list above can involve PHI. When PHI is compromised, a report of the incident must be filed with the Department of Health and Human Services (HHS) on the Breach Reporting Portal. The HIPAA Breach Notification Rule also states that individuals affected by the breach must be notified in accordance with the regulatory guidelines.

Preventing Common HIPAA Violations

The most important thing to remember is that these common violations of HIPAA laws can be mitigated when you implement an effective compliance program that works for the needs of your business.

Finding a compliance solution that’s right for you isn’t an easy check-off-the-box exercise. The strength and protection of a HIPAA compliance program is how you tailor it to the needs of your individual business to avoid the risk of these common HIPAA violations.