Pharmacy HIPAA Violations Rise – Develop Policies and Procedures:
Pharmacy HIPAA violations are on the rise again and the primary reason centers around the ever increasing digital and electronic platforms (such as EMR and other digital patient data records). There definitely has been increased scrutiny by the OCR in looking into patient privacy violations (and also increased penalties being seen including substantial fines and strict documentation and retraining mandates). The Health Insurance Portability and Accountability Act of 1996 privacy rule centers around the protection of patient confidentiality, and a new system of routine audits for major healthcare providers began this year (according to Law360).
Pharmacy Times had a recent article citing the Major pharmacy chains as the biggest HIPAA offenders, with two of the nation’s leading pharmacy chains (CVS and Walgreens) having the most violations. A ProPublica investigation revealed that CVS had a reported 204 complaints and Walgreens 183. Other pharmacy chains also made the top 10 list of offenders, with Walmart being reported 71 times and Rite Aid pharmacy 48. The most commonly reported violations included pharmacy staff speaking far too loudly, compromising patient confidentiality, and dispensing prescriptions to the wrong patients. It is important to note that the infractions led to 30 financial penalties (plus a lot of bad publicity!).
Large Hospitals have recently been fined extremely large financial penalties for more serious transgressions. A prime example is the $750,000 fine that University of Washington Medicine had to pay out in December 2015. According to the HHS, the Hospital was fined following a major patient records leak with well over 90,000 patient records compromised by malicious malware that was opened in an email by a nurse. The records contained highly sensitive patient information such as patient birthdays and Social Security numbers. The biggest reason cited for the fines was actually the fact that they failed to produce, develop and implement a comprehensive set of policies and procedures to comply with the HIPAA rules. It was also noted that the staff was not provided adequate training in dealing with HIPAA requirements. Keep in mind also that along with the fines, bad publicity results in business severely suffering in almost all scenarios!
Does your Pharmacy have policies and procedures regarding HIPAA requirements in place? If so, when was the last time that they were reviewed by a qualified HIPAA Compliance Expert or Pharmacy Consultant? Additionally, do you provide adequate and documented training yo your staff regarding HIPAA? If the answers to any of these questions is no, we strongly urge you to call HCC today for a free consultation at 800-642-1652.
Healthcare Consulting is a full service Pharmacy Consulting firm that has been in business for over 27 years. HCC has been helping pharmacies plan, prepare and deal with issues such as HIPAA compliance since 1989. Just a few examples of our services include:
– Development of Policies and Procedures (including HIPAA Compliance and Documentation)
– Employee Training
– Patient Consultation Documentation
– Pharmacy Management Consultation
Although we all hope that we will never personally deal with such HIPPA violations, be prepared! HCC’s motto has always been that the old cliche “an ounce of prevention is worth a pound of cure” especially applies to running a Pharmacy business. Contact us on line or call us today for a Free Consultation at 800-642-1653 to discuss how we can help you.