MONTGOMERY – The Medical Association of the State of Alabama has partnered with PCIHIPAA to help protect its members from the onslaught of ransomware attacks, HIPAA violations and data breaches impacting Alabama physicians. Under HIPAA’s Security and Privacy Rules, health care providers are required to take proactive steps to protect sensitive patient information.
“The Medical Association services more than 7,000 Alabama physicians. It’s critical that our members understand the risks surrounding HIPAA compliance and patient data privacy and security laws. We vetted many HIPAA compliance providers and believe PCIHIPAA’s OfficeSafe Compliance Program is the right solution for Alabama physicians. PCIHIPAA’s compliance program is robust and easy to implement. I’m confident our partnership will provide a necessary, value-added program for our members.” said Association President Jerry Harrison M.D.
The partnership comes on the heels of an important announcement surrounding HIPAA compliance regulation. The Director of U.S. Department of Health and Human Services’ Office for Civil Rights recently stated, “Just because you are a small medical or dental practice doesn’t mean we’re not looking and that you are safe if you are violating the law. You won’t be.” In addition, in 2017 hacking and employee errors led to data breaches at Alabama-based Surgical Dermatology Group, UAB Viral Hepatitis Clinic and The University of Alabama, supporting the importance of HIPAA compliance and patient data protection.
According to the U.S. Department of Health and Human Services, OCR has received over 150,000 HIPAA complaints following the issuance of the Privacy Rule in April 2003. A rising number of claims filed under HIPAA in recent years have led many patients to question whether or not their personal payment and health information is safe. As the government has become more aggressive in HIPAA enforcement, large settlements have become widespread and rising penalties for HIPAA non-compliance are a reality.
According to HHS.gov, the types of HIPAA violations most often identified are:
- Impermissible uses and disclosures of protected health information (PHI)
- Lack of technology safeguards of PHI
- Lack of adequate contingency planning in case of a data breach or ransomware attack
- Lack of administrative safeguards of PHI
- Lack of a mandatory HIPAA risk assessment
- Lack of executed Business Associate Agreements
- Lack of employee training and updated policies and procedures
“We are honored to be partnering with The Medical Association of The State of Alabama. They have a 140-year track record of helping Alabama physicians thrive. PCIHIPAA’s mission is to help physicians easily and affordably navigate HIPAA requirements and provide the solutions they need to protect their practices. We find that many practices don’t have the resources to navigate HIPAA law, and are unaware of common vulnerabilities. We encourage all association members to take a complimentary risk assessment to quickly assess their HIPAA compliance and risk levels. To get started go to Start Risk Assessment.” said Jeff Broudy, CEO of PCIHIPAA.
PCIHIPAA is an industry leader in PCI and HIPAA compliance providing turnkey, convenient solutions for its clients. Delivering primary security products to mitigate the liabilities facing dentists and doctors, PCIHIPAA removes the complexities of financial and legal compliance to PCI and HIPAA regulations to ensure that health and dental practices are educated about what HIPAA laws require and how to remain in full compliance. Learn more at OfficeSafe.com and PCIHIPAA.com.