HIPAA Compliance in Medical Organizations

The Health Insurance Portability and Accountability Act was passed by Congress in 1996. This act is known by the acronym HIPAA and is meant to protect a patient’s information and keep it private and secure. Medical organizations are required by law to protect a patient’s medical history and other private information such as a patient’s address and Social Security number. It is not only important that this information stays out of the hands of criminals; medical information should also not be inappropriately disclosed. Information provided on http://www.medtunnel.com/ states that personnel at medical organizations’ offices should keep patients’ information private. This includes not leaving medical records in full view of other people and not talking about a patient’s medical records with people who are not the patient’s medical providers.


It is important that medical organizations safeguard their patients’ information. A clinic or hospital that has a breach of its patients’ information can get a bad reputation and leave itself open to lawsuits from angry patients. Not only will current patients be outraged and decide to change to another clinic, hospital, or medical provider, but new patients may decide to use another medical organization that does not have a reputation for leaking patients’ information. A bad reputation may be the least of a medical organization’s problems. Patients who are upset about a breach of their private information can sue for a financial settlement due to HIPAA violations, and the state can impose fines that can reach $1.5 million.

In order to prevent the onset of lawsuits, medical organizations should institute safeguards. These safeguards can include verifying the correct use of information and using checklists to prevent a breach. These safeguards, in combination with a compliance procedure, can mitigate the risk of lawsuits from angry patients seeking a financial settlement.

HIPAA Compliance

It is up to medical organizations to review their HIPAA compliance protocols and have a series of safeguards in place. Before the use of modern technology, medical organizations only had to worry about verifying who could access patient information and preventing inappropriate disclosures of medical records. However, with the use of computers and faxes in the workplace, medical offices, hospitals, healthcare providers, health insurance companies and vendors have to set procedures to ensure that information is not leaked through any technical device such as a computer, fax, or smartphone. Though these devices help a medical organization run smoothly, personnel must take care not to inadvertently cause a data breach.