Top 5 Most Common HIPAA Compliance Issues

Medical and dental facilities do not want to face millions of dollars in fines for HIPAA violations. Unfortunately, HIPAA law is fairly complex, and violations do occur unless you have a team of specialists, including IT specialists, who can safeguard against the most common compliance issues. What issues should employees, office managers, and security officers be looking for with regard to HIPAA? Here is a quick list of the most common violations that occur in offices, hospitals, and medical facilities. Understanding them can help your practice avoid the hefty financial price of making a mistake.


Unsecured Records

Files, whether physical or digital, should be kept secure at all times. Physical files need to be under lock and key, and only accessible to certain qualified personnel. Digital files should have password protection and use encryption wherever possible.


Device Loss or Theft

Many employees use devices, such as the laptops, tablets, and phones used in medical facilities, that are protected and can contain sensitive information. These should be secured nightly and inventoried regularly to be sure there have been no thefts or losses.


Poor Employee Training

Employees are on the front line of upholding the regulations of HIPAA law. All staff should be trained in the proper ways to handle patient information, from conversations at the front desk to communication with other employees. HIPAA law requires that all employees be trained to know what the law states and how to follow the guidelines.



We have seen it in the news on many occasions: medical facilities were hacked and client information was left vulnerable. Having the correct security measures in place is extremely important when it comes to digital files and the transmission of those files from doctor to doctor or to a storage facility.


Improper Disposal of Data

Employees should understand the requirements for properly disposing of both digital files, by wiping a hard drive, and physical files, by shredding and proper disposal. Without this critical step, patient information such as social security numbers, phone numbers, or even credit card information could be at risk.


Does your office practice HIPAA law securely? Call Spectra Networks at 978.219.9752 or visit our website. Our specialists can meet with your staff and evaluate your level of adherence to the law and spot areas that need improvement.