You’ve considered all the risks posed by the new HIPAA guidelines, but did you include streaming media?
You’ve considered all the nuances of the new HIPAA guidelines when it comes to securing the reams of patient data residing on your computer networks including installing firewalls and changing passwords frequently. But did you think twice when the doctors in your hospital signed up for an interactive web conference series to stay current with their medical specialties?
Streaming media and web conferencing sites might seem harmless, but watching or listening to streaming media may require downloading a special media player that may contain malware, according to the “HIPAA, Privacy & Security Training Module,” put out by the University of North Carolina at Chapel Hill.
Regardless of whether a patient data breach happens or not, all web conferences, webinars or any technology used for online collaboration or conferencing, are subject to HIPAA guidelines, outlined in the law’s Privacy Rule, the Security Rule and the HITECH Act, which clarified and strengthened the first two rules in 2009.
Penalties vary, from up to $50,000 per incident up to $1.5 million per incident for violations that are not corrected, per calendar year. And in some cases, the penalties for state laws might be more severe.
The ruling applies to vendors who are legally classified as business associates: As privacy rule 45 C.F. R. § 164.504(e), states: “If a vendor or subcontractor transmits, maintains, or has routine access to protected health information (PHI) when providing its services to a covered entity then it is considered a business associate.” So, that applies to software vendors transmitting patient information, which might be discussed in an online doctors forum, a webinar series, or other online conferencing application.
NEXT: Avoid heavy fines
To avoid heavy fines, look for a streaming media and conferencing vendor that is HIPAA-compliant. That vendor will understand all the nuances of the law, and have the latest encryption technology to secure your data.
Here are a few things to make keep in mind when shopping for a vendor who adheres to all the HIPAA guidelines.
Sabrina George is vice president of marketing at Onstream Media & Infinite Conferencing, divisions of Onstream Media Corp.
In the Scope of Virtual Health and the Future of “Website” Manner, Per Ateev Mehrotra
August 10th 2023Briana Contreras, an editor of Managed Healthcare Executive, had the pleasure of catching up with MHE Editorial Advisory Board Member, Ateev Mehrotra, MD, MPH, who is a professor of healthcare policy at Harvard Medical School and an Associate Professor of Medicine and Hospitalist at Beth Israel Deaconess Medical Center.
Listen