Handling a Data Breach in Your Practice

by | Last updated Jul 3, 2023 | Published on Jul 31, 2013 | Healthcare News

Share this:

HIPAA compliance is a challenge for all medical practices. Patient information is sacrosanct and any breach of confidentiality can have serious legal and monetary implications. While all practices train their staff on maintaining security in accordance with HIPAA guidelines, there’s always the risk that data on routinely used devices such as smartphones, laptops, HR systems, memory sticks and other portable devices will somehow go unprotected. If you outsource non-core activities, check to see whether the breach occurred due to your service provider.

A data breach can occur accidentally or as a result of external hacking. What you need to do is to be prepared with a data breach response plan.

  • Have a team of legal experts at hand that you can contact for professional advice
  • Specialty services like digital forensic investigations or identity theft protection and resolution may be necessary – keep contact information handy
  • Maintain an internal reporting system for timely and appropriate action, especially during the first 72 hours after the breach has occurred
  • Immediately after the breach is detected: preserve your digital and other data by securing your premises, identify what’s missing
  • Have an action plan ready with clearly defined steps, checklists and timelines so that your staff knows what to do
  • Track progress
  • Contact the law enforcement agencies if necessary – record all conversations, instructions and steps

Do not delay action as it can prove expensive and trigger law suits. Immediate action and meticulous investigation is necessary, so mobilize your action plan quickly.

While you must take extra care with your internal security measures, you can ensure the safety of the information you outsource for medical coding and billing by partnering with a reliable healthcare business process outsourcing company. Look for a service provider that can provide medical billing and coding services with the utmost regard for patient confidentiality.

  • Natalie Tornese
    Natalie Tornese
    CPC: Director of Revenue Cycle Management

    Natalie joined MOS’ Revenue Cycle Management Division in October 2011. She brings twenty five years of hands on management experience to the company.

  • Meghann Drella
    Meghann Drella
    CPC: Senior Solutions Manager: Practice and RCM

    Meghann joined MOS’ Revenue Cycle Management Division in February of 2013. She is CPC certified with the American Academy of Professional Coders (AAPC).

  • Amber Darst
    Amber Darst
    Solutions Manager: Practice and RCM

    Hired for her dental expertise, Amber brings a wealth of knowledge and understanding of the dental revenue cycle management (RCM) services to MOS.

  • Loralee Kapp
    Loralee Kapp
    Solutions Manager: Practice and RCM

    Loralee joined MOS’ Revenue Cycle Management Division in October 2021. She has over five years of experience in medical coding and Health Information Management practices.