Consumer device manufacturer Fitbit announced that it now supports HIPAA compliance. The changes they made ensure they are aligned with federal compliance standards. What it means though, is that covered entities and business associates can continue to use their devices without compromising personal health information.
This announcement highlights the importance of meeting personal privacy regulations, across all segments of the healthcare industry. Yet, surprisingly, many organizations are still not in compliance with the more stringent 2013 Omnibus Rule and face an increased business risk if a data breach occurs. Failing to keep protected health information secure and private can lead to serious consequences and significant fines.
Putting robust security and privacy policies in place can decrease the chances of having a breach, not eliminate it completely. Organizations that do so will be less likely to face significant enforcement action by the Office for Civil Rights (OCR) with a compliance program in place. At minimum, all Consult YHN Associates should perform and document a risk assessment, implement technical, administrative and physical safeguards and provide training and guidelines for all employees!
Fitbit is in HIPAA compliance, are you?