As busy healthcare professionals focus on their core business of patient care, smaller offices tend to be more vulnerable to HIPAA violations. A recent survey by NUEMD revealed that only 40% of 927 respondents were aware that OCR HIPAA Audits were even planned to take place. The majority of respondents to the survey had 1 to 10 providers. Although HIPAA requires a HIPAA Security Officer and a HIPAA Privacy Officer be appointed, smaller offices are less likely to do so. In fact, even though the officers are required, the NUEMD survey found that only 53% of offices had security officers and only 54% had a privacy officer. As the survey points out, a compliance plan is the first step in making sure that HIPAA guidelines are followed and 70% of respondents claimed to have such a plan. However, simply having a plan is not beneficial unless thorough training for the compliance plan is also done. In addition to compliance plans, the NUEMD survey also found that although HIPAA requires electronic devices containing personal health information (PHI) to be cataloged, a majority of small healthcare offices were not adhering to this requirement. Yet, patient and staff communication via mobile, email, texting and social media is taking place. Training for new and existing employees on overall compliance and on-going training on the use of all technology in a HIPAA compliant manner is important. Larger healthcare offices are not immune. Although larger healthcare providers usually have robust I.T. departments, this doesn’t always prevent them from having some of the same issues found in smaller offices. Often, smaller healthcare practices may not be aware that lots of time and money is not necessary when it comes to their healthcare I.T. In fact, small I.T. companies may be their best option for assistance in HIPAA compliance. Companies like Data-Fast Solutions have the same technology as large I.T. firms but are much more agile in their responsiveness and ability to monitor HIPAA I.T. related issues more cost effectively. In summary, for small healthcare practices, having a HIPAA compliance plan in place and working the plan through training and follow-up communication can help a smaller practice avoid time-consuming and costly HIPAA related issues later. Having a HIPAA certified I.T. professional company like Data-Fast Solutions to assist with I.T. compliance and provide on-going I.T. support is key. This can leave smaller healthcare practices the time to focus on patient care.