According to a Forbes article, “many organizations that claim to be ‘HIPAA Compliant’ have no such legal obligation.”
Although many advertise they are HIPAA compliant, “there is no such thing as being ‘HIPAA Certified’”—there is no governing body that oversees this. There is, however, “a rigorous and formal process for establishing best practices around privacy and security specifically for [Protected Health Information] data.”
There have been some major instances of cyber breaches of healthcare organizations. Providers must ensure they are protecting patient information as thoroughly as possible—they will have to face the consequences if the data falls into the wrong hands.
To better evaluate an organization’s security measures, it could be useful to form a “3rd party organization that is neutral and qualified to assess the policies and procedures compared to best industry practices and benchmarks.”
Summary By MedicalGroups.com