Every industry has unique challenges and requirements when it comes to safeguarding company documents and data, so we’d like to present the third in a series of blog posts that address industries with high levels of confidential data/documents as well as compliance obligations.
The Health Insurance Portability and Accountability Act (HIPAA) is a U.S. law that requires healthcare organizations to protect private medical information. Under this law, medical institutions cannot release information related to health status, the administration of healthcare, or payment for healthcare that can be linked with a particular person.
HIPAA violations can result in costly fines (the maximum annual penalty per violation is $1.5 million), imprisonment, and exclusion from participation in Medicare. Healthcare institutions appear to be taking regulations like HIPAA very seriously.
In fact, 95% of medical practitioners surveyed by InfoTrends said “compliance with regulations” is an extremely important goal for their organization. Furthermore, “confidentiality of patient data” was an extremely important goal for 94% of respondents. The October 2014 mandate for the adoption of an Electronic Medical Records (EMR) system has resulted in a significant increase in scanning activity.
Given the privacy issues discussed above, it is crucial that healthcare organizations implement the appropriate multifunction printer (MFP) and network protections to guarantee that only authorized personnel access the scanned files. There are also ways to restrict access to specific information, trace unauthorized access, and encrypt e-mail sent from the MFP.