HIPAA Compliance: A Lot like Baby Proofing

The other day, my daughter, who is 14, was tending our neighbor’s little girls. She brought them over to our home for an activity of making cookies. It has been a long time since we have had young children, in our home. I had forgotten how active they can be and how much trouble they can get into. I felt like I was constantly watching everything they did just to make sure that nothing happened to them. I didn’t want them to somehow drink drain cleaner or play in the toilet.

HIPAA compliance feels like baby proofing. Just as it was difficult to predict all the dangers that my neighbors children may find, providers face an ever challenging landscape of threats. To maintain their HIPAA compliance they have to work diligently to find and eliminate them.  One provider in KLAS’s recent Security and Privacy Study said it like this: “My biggest concern is the Unknown. Once I uncover a previously unknown HIPAA threat, I can fix it.”

All healthcare providers want to protect the PHI (protected health information) of their patients. In an effort to do so, providers have policies, procedures, and tools in place to address these threats and work to monitor and eliminate them. So what is the biggest challenge that healthcare providers are facing today? Overall, the 106 providers who participated in our study shared that unauthorized internal access is their greatest concern. However, concerns varied depending on several factors such as location, size, and type of the organization.