HIPAA 2016 Update

Why Should I Care?

  • Personal fines and jail time as a consequence of willful violation
  • Company fines of up to $1.5 million dollars per year places your job in jeopardy.
  • Reduction in Medicare reimbursement can put your salary, benefits and job at risk.
  • It’s the right thing to do.

What Can You Do? 10 Do’s and Don’ts to Keep You Out of Trouble


  1. Don’t share your user name or password with anyone.
  2. Don’t leave PHI exposed on an unattended computer.
  3. Don’t ignore a PHI exposure, even if it’s unintentional.
  4. Don’t give out PHI data without proper safeguards.
  5. Don’t assume equipment doesn’t contain PHI.
  6. Don’t assume that people won’t look at exposed PHI on your computers.
  7. Don’t ever access PHI unless you have a reason to do so.
  8. Do not every post anything about your day at work to social media.
  9. Do not load any additional software unto your computers.
    • File sharing software like DropBox
    • Personal email 
    • Other cloud services or apps
    • Games or fun software
  10. Do not use any unapproved personal devices or software.


  1. Do always login as yourself when you access PHI*.
  2. Do lock your computer if you are leaving it.
  3. Do remind each other about security best practices and report exposures to your supervisors.
  4. Do use encryption any time PHI is shared.
    • Only encrypted email.
    • Only encrypted media (thumb drives, CDs, etc.)
  5. Do protect medical equipment that records data, copiers, fax machines, etc.
  6. Do limit access to viewing screens that show PHI.
  7. Do remind each other to limit access
  8. Do remember that people can figure out what you are talking about even if you talk in code.
  9. Do restrict your use of your computers to just business.
  10. Do get approval before you use or attach any hardware or load any software.