EVERYONE WHO MANAGES staff in a medical environment immediately becomes
a key decision maker when it comes to HIPAA compliance, whether
they realize it or not. Many data breaches do not occur because of technical
failures that come from a conscious attack on security systems, but by the
failures of personnel to properly control the access to patient health information.
Practice managers hand the keys to the vault of patient data to staff
members every day. Just like money in your bank account, sensitive data has
a real value, and anyone with access to it holds a serious responsibility.
As such, establishing proper rules and expectations to staff and management
is paramount to a proper risk management strategy for HIPAA
Here are some concepts and key points that anyone who manages staff in a
medical practice should keep in mind to foster HIPAA IT compliance.