Healthcare Compliance Takeaways for All Industries 15:33, September 12, 2016

Like many industries, the medical field is no stranger to compliance. While its compliance issues may seem inapplicable to industries like tech and banking, we have covered recent developments that provide best practices for all organizations in three main areas: data security, sexual harassment, and conflicts of interest.

HIPAA Compliance Prevents Ransomware Attacks

According to the Office of Civil Rights’ Fact Sheet: Ransomware and HIPAA, if organizations are compliant under HIPAA, then they should already be prepared to prevent and recover from ransomware attacks. Ransomware is malware (malicious software) that holds access to data hostage, usually by encryption, until a ransom is paid. It leads the recent wave of data security hacks.

HIPAA requires “robust security incident procedures” that tell organizations how to respond to ransomware attacks, recommends data backup, and requires security training for employees. These are takeaways that all organizations can use to protect themselves against ransomware. Considering that insider negligence is the leading cause of data loss or theft, training employees to practice good behavior can help prevent data breaches and developing security incidents.

Sexual Harassment in the Medical Field

While reported instances of sexual harassment and discrimination in the medical field have decreased over the past 20 years, a recent study showed that 70% of women had perceived gender bias in the academic environment, while 66% had experienced it personally. Additionally, 22% of men reported that they had perceived gender bias, and 10% had personally experienced it. The study’s author, Dr. Reshma Jagsi, further asserts “[w]omen who experience . . . harassment may be less likely to report these incidents if they feel they are unique and aberrational. Our data shows this is not an unusual situation and reflects a larger societal problem.”

Fortunately, organizations can take steps to prevent sexual harassment and encourage prosocial behavior. According to the US Equal Employment Opportunity Commission’s June Report, as we reported, organizations need to develop a culture that does not tolerate sexual misconduct, implement holistic harassment prevention efforts, and make all levels of a business accountable to anti-harassment efforts.

Conflicts of Interest and Ethics

Conflicts of interest that happen in medicine affect us as people and as representatives of our respective organizations. In his article When Doctors Have Conflicts of Interest, Dr. Mikkael A. Sekeres explains what doctors should do when they encounter a possible conflict of interest, such as developing and earning money from a treatment that is later recommended to patients.

As we report, “whether or not we work in the medical field, we all engage in the delicate task of balancing the advancement of our own prerogatives against that of our employers and others. Ethical decision-making is part of the day-to-day responsibilities of all employees.”

LawRoom offers online compliance courses that teach ethics, sexual harassment, data security and privacy, and other topics that organizations can utilize to make their workplaces better.

Douglas Kelly
Douglas Kelly is EverFi's lead legal editor. He writes on corporate compliance and culture, analyzing new case law, legislation and regulations affecting US companies. Before joining EverFi, he litigated federal and state employment cases and wrote about legal trends. He earned his JD from Berkeley Law and BBA from Emory University.
