Although the Health Information Technology for Economic and Clinical Health (HITECH) Act of 2009 authorized initial grants and incentives to promote “meaningful use” of electronic health records (EHRs) by providers, one of the potential risks that has not been given much discussion is the risk of medical malpractice liability.
When a pharmacy learns of a HIPAA breach, it, and its business associates involved in the breach, are required to report the incident to the government. But not all violations are reportable and may not be considered a breach.
When it comes to investing in IT and data security, the healthcare field has been known to lag behind other business sectors. That underspending, coupled with the massive shift from paper to digital records in recent years, has put the industry in some crosshairs.
As I visit with providers, I discover managers that are not well educated in the HIPAA process, and do not understand they are required to do an annual Security Risk Audit and review of their practice even if they do not have an EMR, writes Carol Gibbons in her latest blog.