Did you know that medical marijuana is treated like any other medical prescription, and that medical marijuana dispensaries are subject to HIPAA (Health Insurance Portability and Accountability Act) compliance?
The fees associated with lost information or data breaches can be staggering. The penalties for noncompliance are based on the level of negligence:
| Violation | Amount per violation | Violations of an identical provision in a calendar year |
|---|---|---|
| Did Not Know | $100 – $50,000 | $1,500,000 |
| Reasonable Cause | $1,000 – $50,000 | $1,500,000 |
| Willful Neglect — Corrected | $10,000 – $50,000 | $1,500,000 |
| Willful Neglect — Not Corrected | $50,000 | $1,500,000 |
Source: HHS, Federal Register.gov
HIPAA violations tripled over the 10-year span between 2004 and 2014, and the number continues to grow.
What is HIPAA?
As a healthcare provider, you are required to maintain the privacy and confidentiality of patients' health information, including their names, addresses, dates of birth, sex, medical conditions, and prescriptions/medications.
The key term in HIPAA is PHI, or Protected Health Information. All demographic information about a patient, whether in electronic or paper form, is PHI.
Most offices already have a policy statement, but it falls short in several critical areas:
· Aside from HIPAA compliance, there is also general data breach legislation for the State of California.
· Use strong passwords.
· Use and maintain anti-virus software.
· Use a firewall with intrusion prevention. Routers supplied by telephone or cable providers are often not sufficient.
· Control access to PHI: only people with a need to know should have access.
· Control physical access to PHI.
· Establish a security culture.
The good news is we can help. With your input we will audit your current practice management environment and produce a comprehensive report to address any potential issues.
We welcome the opportunity to discuss your current environment and concerns.