HIPAA Training: Because People Are Your Weakest Link

DID YOU KNOW THE NUMBER ONE CAUSE OF HIPAA VIOLATIONS IS HUMAN ERROR?

HIPAA training is the only fix for this.

humans are the weakest link and that's why HIPAA training is essential

After all, computers don’t click on phishing emails…  Humans do.

Healthcare minus HIPAA training is a total disaster.  You’re constantly stalked and trolled by increasingly sophisticated hackers while the Office for Civil Rights waits patiently for you to break one of their loosely defined rules so they can gleefully levy massive fines on your practice and blast you on their “Portal of Shame.”

photo of shame that results from a lack of HIPAA training

If this all sounds rather daunting, that’s because it is.

You can, however, take a small bit of solace knowing that you are FAR from alone…

There is a severe lack of HIPAA training, even though it’s the missing link between HIPAA compliance and a total compliance disaster.  And that’s because HIPAA is complex, HIPAA is confusing, HIPAA is cumbersome, HIPAA is scary…  But why?

HIPAA is complicated and requires HIPAA training photo
Photo by Damian Gadal

Part of the problem is that, while HIPAA’s laws are vague, its penalties are clearly defined and swiftly delivered.  Not understanding how to NOT violate HIPAA laws, but knowing that you will be in hot water for something you don’t understand, leads to uncertainty and anxiety.  HIPAA is hard to understand, and we often fear that which we do not understand.  And when something is hard to understand, the most noteworthy accomplishment is mastering it.

HIPAA training is paramount photo
Photo by walknboston

Hence, HIPAA training is paramount.

But how do you teach something you yourself don’t understand?  That’s where Petronella Technology Group (PTG) comes in!

You likely googled us because HIPAA causes you anxiety.  Lucky for you, HIPAA doesn’t give US anxiety… In fact, we here at PTG laugh in the face of HIPAA auditors!  Well, not literally, because that would be rude – and we are good people.

But what we mean is that we understand HIPAA, so we no longer fear it.  We’ve taken the time to learn the ins and outs of HIPAA, and now we dance in time with it instead of shivering in the corner, scared it will ask us to dance. We can get you to the other side of the maze, where we are.

We don’t say this to brag.  We say this so that you understand just how important HIPAA training is for not only yourself but for every single person in your practice. Once you have mastered this knowledge, you will feel so accomplished, and you’ll dare the OCR to audit you.  You remember that feeling you would get when you would do your homework the night before and you couldn’t wait for the teacher to call on you?  Mastering HIPAA feels just like that. But better.

HIPAA training will help you navigate the HIPAA maze.HIPAA AND YOUR EMPLOYEES

If you have a medical practice, your employees are likely familiar with HIPAA. But to what extent?

  • Do they know about secure passwords, and do they have privacy screens so patients can’t see what they type?
  • Do they know about links, to click or not to click?
  • Do they know to lock the file cabinet that holds patient files?
  • Do they know how to report a breach?
  • Do they know when to report a breach?
  • Do they know how fast they need to report a breach?
  • Do they know who they can release patient records to, and what they can release?
  • Do they know what permissions they need in order to release information?
  • Do they have their Alexa and Siri turned off, so they are not violating HIPAA privacy laws, as these entities are always listening?
  • Do they know what security they need to have in place on their personal devices when they access your network?
  • Do they know what HITECH is?
  • HIPAA training photo

Knowledge is power, and we suggest that you arm them heavily. They should know about keylogger malware, and their devices should be protected with keystroke encryption.

HIPAA training requirements are, in the spirit of all HIPAA laws, vague.  So just what is HIPAA training?

HIPAA requires both covered entities and business associates to provide HIPAA training to any members of their staff handling PHI.  This means that business associates and any of their subcontractors must also be trained.  Anyone who comes into contact with protected health information (PHI) must be trained.

Did you know that:

  • Everyone must be trained on Policies and Procedures, and those Policies and Procedures must be in writing?
  • You must have a Sanction Policy that outlines how you will handle staff who violate policies?
  • You can’t use generic policy templates and be compliant?
  • Your Policies and Procedures must be customized for your practice?
  • There is still so much more? The most actionable of which, by the way, you will understand once you download our 9-Point HIPAA Security Checklist!

HIPAA TRAINING REQUIREMENTS

The HIPAA training requirements are more guidance than law – suggesting training should be provided:

  • Periodically AND
  • When certain events occur

Again, more vague language from the U.S. Department of Health and Human Services website at www.hhs.gov:

“The HIPAA Rules are flexible and scalable to accommodate the enormous range in types and sizes of entities that must comply with them. This means that there is no single standardized program that could appropriately train employees of all entities.”

This sounds like they are giving you some wiggle room, right?

Wrong.

Skipping HIPAA training is wrong photo
Photo by KungPaoCajun

In reality, this “wiggle room” delivers even more uncertainty and anxiety.  They provide no standard training program or guidelines, yet you are expected to train to their standards.

DANGERS OF BEING NON-COMPLIANT

As we all know, time and space are relative, and reality is based on perception, right?

Well, help your folks to perceive this reality:

Non-compliance with HIPAA can jeopardize their employment status because it can jeopardize your practice’s continuity!!

How would your business fare if it were blacklisted? May we introduce to you…

THE HIPAA WALL OF SHAME!

This isn’t an Onion article… It’s actually a thing, this HIPAA WALL OF SHAME:

https://ocrportal.hhs.gov/ocr/breach/breach_report.jsf

And quoting directly from this Wall of Shame (also known as the Breach Portal):

“As required by section 13402(e)(4) of the HITECH Act, the Secretary must post a list of breaches of unsecured protected health information affecting 500 or more individuals. The following breaches have been reported to the Secretary:

Cases Currently Under Investigation

This page lists all breaches reported within the last 24 months that are currently under investigation by the Office for Civil Rights”

Any good training session starts off with a clearly defined goal. In this case, the goal is quite simple:

Avoid making this list!

Skipping HIPAA training is not good photo

And while you’re at it, avoid hefty fines.

And possible criminal charges, in certain situations.

And of course, business closure.

Failing to conduct HIPAA training can cause business closure photo

This is nasty stuff, make no mistake about it.  We cannot stress enough the importance of training your employees.

We have stated on the record that World War III is on the World Wide Web. Your staff is your army.  Hackers are landmines planted wherever they think you might step, and the Office for Civil Rights has eyes everywhere – they are keeping score, BEGGING you to mess up – and your untrained employees will do just that.

Listen to the whisper of wisdom and turn your weakest links into subject matter experts.

HIPAA training is the whisper of wisdom photo

Never underestimate your opponent, and properly fortify your defenses. Help your people, help you.

 

Learn more of our insights on HIPAA here:

Ask us questions on our courtesy HIPAA forum:
https://hipaadefense.com/
You can order discreetly and directly at:
https://itsupport.infusionsoft.app/app/storeFront/showStoreFront
Email us at:

919-422-2607

OPTION 1 FOR LIGHTNING

OPTION 2 FOR THUNDER

 

Schedule an Appointment

Schedule an Appointment

    Our clients are awesome!

    Based on 55 reviews.
    Jeremy Richards
    Jeremy Richards
    2020-03-13
    Petronella provides great advanced digital marketing and automation solutions for my business!
    Kate Swenson
    Kate Swenson
    2020-02-14
    Highly recommended for CMMC certification assistance! Excellent and affordable options for secure data hosting on local infrastructure. 5 stars!
    Tom Matzen
    Tom Matzen
    2020-01-25
    Petronella Technology Group helped us setup our sales and marketing automation, cybersecurity and compliance for our new Blockchain startup. Great to work with! Craig in particular really knows his stuff, can translate into non-tech speak, and has wisdom beyond his years. Highly recommend them.
    Justin Summers
    Justin Summers
    2020-01-14
    Craig is awesome! He is very professional and efficient with his work. I would definitely recommend Petronella Technology to anyone who needs state of the art service.
    Blake Rea
    Blake Rea
    2020-01-14
    Craig is an expert in his field. Impressed by his knowledge, A true pioneer in Cybersecurity. My business is safer thanks to Petronella Tech!
    Robert Friedman
    Robert Friedman
    2020-01-10
    For the last five years Craig has been the Contributing Editor for Cybersecurity for NC Triangle Attorney Law Magazine which I publish. His base of knowledge is always leading edge, pragmatic and early to understand for our readers who are not techies. He is patient and easy to work with.
    Tammy Everett
    Tammy Everett
    2020-01-10
    Craig Petronella, CEO of Petronella Technology Group provided the members of the Defense Alliance of North Carolina expert advice on cybersecurity and NIST compliance. Eye opening experience! Thanks so much!
    Julie Brown
    Julie Brown
    2020-01-09
    Craig and the Petronella Technology Group, Inc. team made HIPAA compliance for my small practice so simple and easy! They helped me with all of my HIPAA training, HIPAA Security Risk Assessment, Penetration Test, and HIPAA secure hosting so I can rest easy.
    Pivot Point
    Pivot Point
    2020-01-03
    Petronella Technology Group helped us with our marketing strategy for our new web startup. Awesome experience!!!!
    Richard Brunet
    Richard Brunet
    2019-12-30

    SCHEDULE AN APPOINTMENT

    Make It Happen Now

    CLIENT SUPPORT

    Don't Feel Stranded

    CONSULTATION

    Get Best Advice

    PAYMENTS

    Make A Payment

    Top