9 Ways to Violate HIPAA (Without Even Realizing It)
Being sick or injured is scary enough, but knowing that someone holds private information you wouldn’t want to get out is even worse. That’s what HIPAA is for: it protects us from having our information spread without our consent and keeps us safe.
But what happens if HIPAA is violated, and how can it be violated?
Unfortunately, accidents can happen, and personal data can be leaked. Here are some of the most common HIPAA violations and how you can prevent them from happening.
What Is HIPAA?
The Health Insurance Portability and Accountability Act, or HIPAA, is a federal law dedicated to keeping your personal health information (PHI) private and safe. This law is followed by anyone working in the medical field, as well as your insurance providers, business associates, and anyone else with access to your medical files.
Common HIPAA Violations You May Not Know
Now that you have an understanding of HIPAA policies, it’s time to talk about HIPAA violations. Here are some of the HIPAA security violations that you may not know about.
Sharing PHI With or Without Names
Let’s face it, gossiping is something that everyone does, especially at work when dealing with clients. The medical field is no exception. While talking to others working with the same patient may seem like an OK thing to do, you may accidentally share information that they aren’t meant to know.
If you speak too loudly, someone outside of your patient’s care may overhear the information as well. By sharing information that wasn’t meant to be spread, you have violated HIPAA by giving away your patient’s PHI.
Whether or not you share the individual’s name, the information you give out could be enough for someone to figure out who you are talking about. When it comes to gossiping with coworkers, keep your conversations about something other than work.
Digging Into Information You Shouldn’t Know
Snooping into information you know you shouldn’t have is another type of HIPAA violation. Whether you realize what you are doing or not, you should not go through your patient’s files beyond what is asked of you, and you should absolutely not go into files that you have no business with.
Sending Info to the Wrong People
Even an accident like sending information to the wrong recipient is a HIPAA violation, as you’ve spread someone’s PHI without their consent or knowledge. This can happen with a letter to the wrong address, an email to the wrong account, or even a fax gone wrong.
When you’re sending out a patient’s PHI, even if it seems minor, always double-check where you’re sending it. When it comes to faxing information, look into HIPAA-compliant fax to make sure you’re within HIPAA policies.
Leaving Your Laptop Unlocked
If you work in the medical field, you should know to always lock up or shut down your computer whenever you leave your station. Otherwise, prying eyes may try to take a peek at someone’s PHI.
Leaving your laptop unlocked is a HIPAA violation, and a dangerous one at that, since there’s no way to tell for sure whether or not it was accidental. Always triple-check your computer before leaving your station just to be safe.
Leaving Out Paperwork
Paperwork is just as important to keep track of as digital data, as it can hold all of the same information. If you do work with physical paperwork, always make sure you have it on you and don’t leave it out for anyone to see.
Losing a Device With Sensitive Information
Unfortunately, just having a device lost or stolen is considered a HIPAA violation. You are expected to guard your property with extra care, given it has such sensitive information on it. If your device is lost or stolen, then you need to report it immediately; while you will still be punished for the violation, it is better that they know so that they can deal with the potential breach immediately.
Improper Disposal of Information
When disposing of digital or physical PHI, it’s important to do so properly so that it can’t be taken by another person. Shredding physical information is common in the medical field to prevent it from being shared; any digital information should be destroyed and wiped from any hard drives it was on to protect the patient’s PHI as well.
If you have any doubts about disposing of someone’s PHI, you should always ask a professional for guidance to avoid a violation.
Unauthorized Release of Information
While this usually only happens with celebrities and other popular individuals, you should never share personal information with the public. This means no social media posts, texts, calls, or anything.
Disclosing PHI to a 3rd Party
This is possibly one of the most common HIPAA violations out there, and it usually happens when a healthcare provider shares information with a patient’s family member without proper clearance. While this might seem like an OK thing to do, you absolutely need permission to share any information with a 3rd party, regardless of their connection to the patient.
Understanding the Most Common HIPAA Violations
Some of the most common HIPAA violations may seem self-explanatory, but they are common for a reason. Use common sense and caution when handling PHI and keep patient information between you and the patient. This will prevent any unnecessary violations and keep your patient’s information safe and secure.