The Health Information and Management Systems Society (HIMSS) released a white paper earlier this month about the importance of companies engaged in "medical banking" for healthcare-specific banking or financial services to remain HIPAA compliant.
With technology further linking healthcare organizations and financial institutions, security risks will be elevated, said a FierceHealth IT article. As such, medical facilities would be well-advised to work with a medical billing consultant to ensure that patient information remain safe and secure.
"As customers of financial institutions, healthcare providers and payers need assurances that financial institutions can safeguard protected health information with appropriate technology systems, infrastructure and procedures for risk management and incident management," the paper said.
Sometimes, though, a security breach can still happen within a company. After a formal FBI investigation, a former Florida hospital employee was arrested for accessing over 700,000 patient records in two years and then selling them.
The man worked in the emergency intake area, but investigators said that he accessed information across several different states, according to WFTV, a Florida news station. His job was to help register patients in the emergency room, which would give a typical employee in that position - from 2009 to 2011 - access to 12,100 records.
Most of the victims had been in car accidents, and had their information sold to a third party who then passed it onto chiropractors and attorneys, the article said.
To ensure that all employees are aware of security measures, and the penalties that can fall on them or the organizations they work for, medical facilities should work with a healthcare consulting firm. These professionals can teach all staff members how to remain HIPAA compliant through times of technological change.