The most common vulnerabilities are unattended, logged-on workstations, confidential papers left on printers and fax machines, and exposed display screens on desktop workstations, rolling carts, and handheld devices (e.g. iPads).
Please ensure that any workstation visible to patients and other persons that are not employees, you log out and/or lock your screen when you walk away from the work station. Yes, this means even if you walk away for 1 minute! That is technically a HIPAA violation and you can be held responsible for it, not to mention what our patients may think as they walk back to the exam rooms and witness things left open.
As a reminder – to lock your workstation use , then select LOCK . This will take you back to the password screen to log back in.
A few facts around human error as it relates to negligence in the workplace below for your reference – DON’T BE A CONTIBUTOR (or victim) TO THIS DATA!
The HIPAA Security Rule requires that all devices with access to ePHI must have HIPAA physical safeguards in place. That includes mobile devices like laptops, smart phones, and tablets that can access, store, or transmit ePHI in any way.
In the past, violations of the HIPAA Security Rule Workstation Security Standard have led to settlements and HIPAA fines ranging from $250,000 to $3.9 million. HIPAA violations and their associated fines are often caused by health care professionals failing to take reasonable steps to comply with their HIPAA physical safeguards.
In short, it is up to each of you to protect our patient information and be compliant with the law. Please remember to report any negligence to the compliance line, which can be done anonymously, if you witness this occurring in your location.