Many are unprepared for April 20 security deadline
Many small physician practices had gaps in three key areas as they attempted to meet the April 20 deadline for HIPAA security standards, according to Dallas-based MedSynergies. Many small practices use older practice management software systems that have not been upgraded to comply with HIPAA, says Judi McClain, who supervises HIPAA compliance for MedSynergies.
The three key problems the company has seen in working with physicians in 23 states are:
1. Lack of data backup plan.
In many practices, medical data are backed up on a tape drive connected to the main computer. In some cases, tapes are stored at the provider’s office. The HIPAA security standards call for providers to be able to access data in case of an emergency so operations can continue. Continuing to store backup tapes at the provider’s office is not an option, McClain says. In the ideal situation, providers would back up data at a secure, remote facility.
2. Lack of access controls.
The HIPAA standards require all users of medical information systems at a medical office to have a two-step log-in. Each user must have a unique user ID and secure password. This is similar to the two-step process required for most on-line financial transactions. However, many older practice management systems don’t require a password or allow users to log in with a common shared user name and password.
3. No audit controls.
The new standards require that the office’s practice management software system keep a detailed record of who has logged on to the system and what data they have accessed or changed. This is necessary in case confidential medical data accidentally is transmitted to the wrong address or inappropriately modified.
[For information, contact Christopher Tammen at (972) 791-1206, ext. 1206, or go on-line at www.medsynergies.com.]
Many small physician practices had gaps in three key areas as they attempted to meet the April 20 deadline for HIPAA security standards, according to Dallas-based MedSynergies.
You have reached your article limit for the month. Subscribe now to access this article plus other member-only content.
- Award-winning Medical Content
- Latest Advances & Development in Medicine
- Unbiased Content