In a recent Healthcare Risk Management article, Gunster Shareholder Bill Dillon underscores the importance of HIPAA compliance training for all employees, as well as limited role-based access to patient records. The article points to a Washington-based hospital that was fined $240,000 in a settlement with the Office for Civil Rights (OCR) over allegations of a HIPAA violation.
“We have to have access privileges for people to access that information. That is normally based on that person’s need to know,” Dillon explains. He goes on to emphasize the importance of conducting audits, saying “It’s low-hanging fruit to check whether or not people are following the rules.”
Bill Dillon is the former managing shareholder of the firm’s Tallahassee office and is Board Certified by the Florida Bar as a specialist in the area of Health Care law. He is also certified by the Health Care Compliance Association in the area of corporate compliance (CHC) and the International Association of Privacy Professionals as an Information Privacy Professional for the U.S. Section (CIPP/US). Bill focuses his practice on assisting health care providers and entities to adhere to the complex regulatory requirements of the health care sector.