Knowledge. Experience. Results.

What are some common HIPAA mistakes?

The Health Insurance Portability and Accountability Act (HIPAA) of 1996 created many laws that medical providers must follow to protect patient information, among other things. Compliance with HIPAA is mandatory, and medical providers face serious penalties for infractions.

Many of the most common mistakes are internal errors that may not come to light unless the medical provider undergoes an audit. Medical providers can benefit from learning when mistakes are likely to occur.

Improper device use

Many medical facilities use mobile devices to access and store information. According to Business Engineering, Inc., a common HIPAA violation occurs when medical professionals access a patient’s information on personal devices and allow others to see this information.

Issues could also arise if someone loses a device used to access or store patient information. If there are no safeguards on the device, anyone who finds it could look at the information on the device, leading to a serious HIPAA violation.

Breach reporting deadline

Since many medical records are now digital, there is a risk for security breaches. If a medical facility discovers there is a breach, it must let you know within 60 days. If it fails to do so, then it faces penalties. However, it is still common for facilities to miss this deadline.


Another common way to violate HIPAA is by giving out medical information to unauthorized individuals. This is something that many providers struggle with because it often happens by accident. For example, if someone is in the hospital and a family member calls to inquire about their condition, the hospital should not give out any information, but sometimes, a worker forgets and may share information, which is a violation of HIPAA.

If a medical provider is accused of violating HIPAA, it could damage their reputation. By staying on top of HIPAA compliance, it can prevent future downfall. An attorney could also help medical providers to better understand their role and responsibilities when it comes to HIPAA compliance.