HIPAA compliance and web portal security aren’t just big company concerns
For years, many wellness coaches have flown beneath the radar when it comes to HIPAA compliance and web portal security. Those days are over. Wellness coaches regularly handle Protected Health Information (PHI) and the penalties for lack of compliance range from $100- $50,000 PER incidence up to a maximum of $1.5 million/year, even if the breach wasn’t intentional. Do we have your attention?
If you’ve been depending upon hope and good fortune in this arena, stop immediately. All established wellness coaches use a web portal to provide services. Typically these tools offer both resources for their clients to utilize as well as a secure place to maintain and update client notes. The question you MUST ask yourself today is “Am I absolutely certain my site is both secure and compliant?”
In midst of the Heartbleed outbreak earlier this year, the Wall Street Journal suggested this scan of web portals to check security:
https://www.ssllabs.com/ssltest/analyze.html?d=
Before reading further, plug your coaching portal into this scan to check your score. Anything below an A- should be of significant concern. Here’s the scan of the web portal offered specifically for wellness coaches through www.WellnessCoachCatalyst.com:
Keep in mind that while this scan is a critical starting point, it is only a starting point. Even with a highly secure site, you can still go out of bounds in regards to HIPAA compliance if you’re not careful. However, without a secure site, you have no chance of steering clear of potential issues over the long term.
This one is easy for wellness coaches to neglect, as it doesn’t carry with it the excitement of working with clients or developing new programs. However, it is a core area that cannot be ignored without potentially dire consequences.