A recent survey on HIPAA compliance within small practices and billing companies, conducted by NueMD, a provider of cloud-based medical practice management software for small practices, and The Daniel Brown Law Group, a firm specializing in health care law, finds medical practices and billing companies are struggling to comply with regulations under the Health Insurance Portability and Accountability Act (HIPAA).
The survey finds:
- A majority of respondents, 66 percent, is unaware of HIPAA audits
- Only a little more than one-third of respondents, 35 percent, say their business has conducted a HIPAA-required risk analysis
- Only slightly more than one-third of owners, managers, and administrators, 34 percent, report they are "very confident" that their electronic devices that contain PHI are HIPAA compliant
- Less than one-quarter of managers, owners, and administrators at medical practices, 24 percent, report they have evaluated all of their business associate agreements
- Only slightly more than half of office staff and non-owner care providers at practices, 56 percent, say they have received HIPAA training in the last year
"Understanding HIPAA can be difficult for practices and billing companies, especially if they’re already scrambling to keep up with changes like ICD-10 and Meaningful Use," says Caleb Clarke, sales and marketing director at NueMD.
"It’s troubling to see that so many practices aren’t participating in training programs for their staff,” says Daniel Brown, managing shareholder at The Daniel Brown Law Group. "If an audit were to occur at that particular practice, one of the biggest red flags is that the staff is unaware of the HIPAA compliance plan and what their role is in it."
Related reading
Get ready for HIPAA breach before it happens
Are your business associate agreements up to date with the latest HIPAA requirements?
HIPAA compliance checklist
