HIPAA Violations

The top 10 HIPAA violations by Covered Entities and Business Associates include the following:

1. Snooping on healthcare records;
2. Failure to perform risk analysis;
3. Failure to manage security risks;
4. Failure to enter into a HIPAA compliant BAA once again is your Business Associate Agreement;
5. Insufficient ePHI access controls;
6. Failure to use encryption to safeguard portable devices;
7. Failure to issue breach notification;
8. Impermissible disclosure of PHI;
9. Improper disposal of PHI after the retention period has expired;
10. Denying patients access to health records.