Healthcare compliance remains a top concern for healthcare executives, particularly in the FQHC world, where a plethora of regulations is tied to funding reimbursement. While patient and data privacy has long been a chief concern of Compliance Officers, 2020 looks to be a banner year for these issues. What should we prepare for as we enter 2020?
Data Security is Top of Mind
As we near the end of the fourth quarter, the issue of data privacy has risen again in privately held firms, from Facebook to enterprise organizations experiencing widely publicized data breaches. In July, Capital One lost 80,000 bank account numbers, 140,000 Social Security numbers, and more, to a hacker. Healthcare was not immune; Quest Diagnostics had up to 12 million patient accounts attacked at the beginning of the year, and LabCorp had another 7 million hacked.
The incidents suggest that data privacy and security will be top of mind next year. Here’s how compliance teams can mitigate the risk in 2020:
Use onboarding to increase security awareness.
Creating a culture of cybersecurity in your healthcare organization should start from day one with every employee who enters your facility. If your employees open email, you should know that phishing is the number one threat vector for hacker attacks. Phishing and other social engineering techniques seek to capture user credentials or other confidential information by using a seemingly innocuous email to trick the end-user. Simply by clicking on a link, the email recipient could open a backdoor into your server network, allowing a hacker to wreak havoc. Given that the average cost of a data breach is $3.92 million, that’s a very costly mistake for your employee to make. Using onboarding to set the stage for a staff that is aware of hacker movements will help your organization remain data compliant next year. Keep awareness high with periodic retraining throughout the year.
Upgrade your technology.
While money is tight in the average FQHC, most compliance software is legacy even in larger healthcare organizations. While these older platforms can handle OSHA or even HIPAA concerns, contemporary compliance standards require updated software. Modern compliance platforms can gather data points, manage incident workflows, and help organizations meet the intent of compliance rules as well as the letter of the law.
Ensure your Compliance Officer has some legal training.
Ideally, your compliance executive is a lawyer able to navigate the patchwork of local, state, and federal regulations and how they interact. An attorney can also monitor the ever-changing rules and keep your organization ahead of the game. Not only will this help with compliance, but it will also protect your patient data and organizational reputation.
Health systems, hospitals, FQHCs, medical practices, and other clinical providers will do well next year to invest in systems that protect patient data proactively to avoid the risk of a highly publicized data breach.
If your organization is seeking a skilled compliance officer or IT security executive to add to your current team, please contact our expert healthcare staffing specialists today. UHC Solutions is here to help.