HIPAA Compliance: You’ve Got to Be More Careful

Are you taking your pharmacy’s  HIPAA Compliance seriously?

hP2-300x225I’m sure you’ve heard about the million-dollar settlements that Rite Aid and CVS paid for HIPAA violations. Here’s a January 2, 2013 headline you may have missed: HHS announces first HIPAA breach settlement involving less than 500 patients. The Hospice of North Idaho agreed to pay $50,000 for a breach of unsecured electronic protected health information (ePHI).
The HHS Office for Civil Rights (OCR) doesn’t just investigate the big pharmacy players, it is tasked with enforcing HIPAA for every US citizen, including your customers. While OCR still spends most of its resources following up on complaints, last summer it began Phase 2 of its random audit program. This phase looked at a randomly selected pool of covered entities AND their business associates. Auditors found that more than 39% of the problems with Privacy Standards compliance were attributed to a lack of awareness of the requirements. Further, they found that the smallest covered entities struggled with compliance under all three of the HIPAA Standards: Security Rule, Breach Notification Rule, and Privacy Rule.
OCR lists, in order of frequency, the five most common compliance issues it investigates:
1. Impermissible uses and disclosures of protected health information;
2. Lack of safeguards of protected health information;
3. Lack of patient access to their protected health information;
4. Uses or disclosures of more than the minimum necessary protected health information; and
5. Lack of administrative safeguards of electronic protected health information.
Everyone in your pharmacy needs to know the HIPAA rules. More importantly, they need to know how to follow them. You and your employees must have solid policies and procedures and be vigilant in sticking to them. It only takes one customer, competitor, or employee to make a complaint to OCR that could get you into big financial trouble.

For more information about  pharmacy compliance solutions for your pharmacy, call PRS at 1-800-338-3688 and speak with one of the Specialists. Also, stop back here for additional posts on compliance issues and what you need to know as a pharmacy owner.