Preventing healthcare fraud and abuse continues to be a huge challenge for healthcare organizations. From smaller healthcare practices to giant corporations, it appears no one is immune to the threat of healthcare data breaches.
According to federal health officials, almost 300 doctors, hospitals, and insurance companies have reported medical data breaches in the past two years. U.S. government data suggests nearly eight million people have had their medical records improperly exposed during this period. This exposure makes it easy for hackers and thieves to steal personal information, and further puts a spotlight on the need for impenetrable systems to prevent healthcare data breaches.
Professional practices are often unprepared and therefore completely vulnerable to attack. Large organizations have security systems in place, but their size often leads to the inability to control those systems and the people operating them—not to mention the fact that the amount of personal data in their systems makes them the “big fish” in the ongoing game of preventing healthcare fraud and abuse.
Owners of professional practices often feel helpless at the thought of preventing healthcare fraud and abuse. After all, they wonder, how can we prevent healthcare fraud if the large organizations can’t seem to stop data breaches with all of their resources?
It’s a fair question. But there’s an answer: Think like a crook and pay attention to the details. Since their systems are smaller and they have fewer employees, professional practices actually have more control over how data is accessed and who can access it. They just need to be proactive to prevent healthcare data breaches from happening to them and their patients. Professional practices need to:
– Perform background checks: Preventing healthcare fraud and abuse starts at the employee level. Professional practices should never hire an employee without first conducting a thorough background check that includes past employment, professional and personal references, education, credit record, criminal record, Social Security number, and a drug test.
– Encrypt data: Information systems are the next defense against healthcare data breaches. Aside from employees, who else can access the computer system? Hackers may assume professional practices don’t have a sophisticated healthcare data breach security system. They can prove hackers wrong by ensuring data transmitted over their network uses an encryption technology known as secure socket layer (SSL). Complex passwords should be implemented only for those employees who need access to patient records.
– Create policies and procedures to prevent healthcare data breaches: Professional practices should also develop a strict set of policies and procedures to safeguard protected health information (PHI) under the Health Insurance Portability and Accountability Act (HIPAA). A healthcare fraud and abuse expert can assist with creating these policies and procedures.
– Shred data: This one may seem obvious, but unless there is a policy in place that all employees know about, a customer’s private data may just go in the trash. That leaves the information vulnerable to dumpster divers who will steal and sell private health information.
Start preventing healthcare fraud and abuse in your practice by contacting 310.831.4400 or by visiting www.TheIdentityAdvocate.com. You can even schedule a “Lunch and Learn” for your employees to know how to spot and stop healthcare data breaches.