Many physicians and other covered entities view the Health Insurance Portability and Accountability Act of 1996 as being nothing more than a nuisance that slows down their normal day-to-day business operations. While complying with HIPAA does require some time and effort, there's a good reason why this law is in place.
Increase Patient Retention Rates
Doctors offices and other healthcare facilities rely on returning patients to sustain their business. If a covered entity is outed for not following the HIPAA Security or Privacy Rules, it may deter patients from returning. This subsequently results in a lower patient retention rate, which hurts the practice's profits. Whether you are a dentist, general practitioner, chiropractor or any other covered entity, you should abide by HIPAA to increase your patient retention rates.
Civil and Criminal Prosecution
Covered entities found in violation of HIPAA are subject to both civil and criminal prosecution. In 2010, the U.S. Health and Human Services (HHS) fined health insurance provider Cignet Health of Maryland a record-setting $4.3 million for ignoring patients' request to obtain medical records, and for ignoring the inquiries of federal officials. Violations involving covered entities who knowingly obtain and/or disclose Protected Health Information (PHI) are subject to a maximum criminal penalty of $50,000 and 1 year of imprisonment. While criminal charges related to HIPAA violations are somewhat rare, they do occur on occasion.
Of course, doctors have covered entities have an ethical responsibility to protect their patients' and customers' information. If someone provides you with sensitive information, they assume that you'll take the necessary precautions to keep it safe. If this information is disclosed, it paints the practice in a negative light, which could deter other patients from using it.
Growing Trend of Cybersecurity
There's an undeniable growing push for greater cybersecurity across all industries. In less than a year, we've seen several major hack attacks, including the one on Sony Pictures Entertainment (SPE), as well as the health insurance providers Anthem and Premera. This has prompted lawmakers and private organizations to strengthen the security of their systems. In fact, the House of Representatives recently proposed a new data sharing bill that would encourage companies and governments to share information in an effort to prevent cyber attacks.
These are just a few of the many reasons why it's important to be HIPAA-compliant.