Dale Dalton

Out of Compliance with HIPAA Can Cost Millions


Dallas, TX -- (SBWIRE) -- 08/26/2014 -- Storing sensitive data can make a business out of compliance with HIPAA, and that could cost millions of dollars in fines.

With the spread of “big data” extending its virtual arms in every direction and into every aspect of people’s lives, privacy is at a premium. However, the average American is not the only person affected by big data’s reach.

Consider the DUI and the Drug and Substance Abuse schooling industry. If a person is caught driving drunk, or high on drugs, or both, the court will typically order that person to a DUI/DWI school. Once they’re in the system, they are required to give up all their vital information. In short, this is information they don’t want leaked to the general public. A leak can prevent a person from getting a good job, or even cost them a good job they already have, not to mention paying steep fines, court costs and lawyer fees.

Or perhaps an individual realizes on their own that they have a substance or alcohol abuse problem and would like to handle the problem privately. The need for privacy is then even greater.

The good news is all these drug and alcohol treatment facilities and classes are required to keep information safe from prying eyes through a federal law called HIPAA.

HIPAA, which stands for the “Health Insurance Portability and Accountability Act”, is a privacy guideline and law for all medical facilities, doctors, counselors, alcohol/drug and substances clinics (and similar), to keep client information private and safe.

Consider the lawsuit against Presbyterian Hospital/Columbia University Medical Center when one of the physicians accidentally deactivated their servers. The records of over 6,800 patients were leaked over the Internet. That mistake cost them a hefty settlement of 4.8 million (see story here: http://www.sfgate.com/news/article/Top-NYC-hospital-paying-4-8M-in-HIPAA-settlement-5461385.php).

However, when checking oneself into one of these schools or facilities, how does one know if the systems they have in place are compliant or not? Sometimes, even these schools are not aware they could have a security issue.

While many EHR and other client or patient management software packages are secured, there is software on the market that could get one in trouble.

Consider ADM, a client management system out of Lake Elsinore, California, used by many DUI and Drug & Substance Abuse schools.

The major flaw with ADM is within the code they use to write their software. They transmit or store data in a format called “clear text”, that is, unencrypted. Clear text can easily be breached, hacked and accessed by anyone with a small amount of knowledge of web programming using any text editor, like Notepad or Microsoft Word. Furthermore, their software is downloaded onto a local computer within the school or facility instead of a secured data facility. This means vital data that should be secured is exposed to hacking, which makes these facilities vulnerable to lawsuits.

It’s always best to check out how drug and alcohol treatment centers are securing one’s most sensitive data. Ask some basic questions such as, “Do they store your data at their location?” or “Do they have it at a secured data facility?” and “What client management system are they using?”

Some of the better known and trusted software on the market includes ClientTrack, NextGen Practice Management, Court Ordered Program Supervisor (COPS), and MedicsDocAssistant™.

Protection on both sides is important: protecting a client’s personal data, and keeping one’s business safe in the process.

About Dale Dalton
Dale Dalton is a freelance journalist who covers software news and events. One can write to him at:

Dale Dalton
11751 E. Elm St. Ste 420
Dallas, TX. 75244