The Mayo Clinic this week reports that over 900 Mayo Clinic staff in the Midwest have contracted COVID-19 over the past two weeks, and patient care is suffering. This is more than 30% of the total number of staff cases during the entire pandemic so far. And most of the exposure, over 93% occurred through community transmissions, not at work.
According to ABC News, to shore up its workforce “the Mayo Clinic is recruiting health care workers back from recent retirement, bringing in staff from other sites (primarily Arizona), temporarily moving research nurses into patient care roles and reducing elective care to redeploy staff to COVID-19 patients…”
Workforce is the Backbone of HIPAA Compliance
Staying compliant with HIPAA requires a dedicated staff – not only caring for patients, but paying attention to protecting the privacy and security of patient information. Healthcare workers are the backbone of HIPAA compliance. Armed with knowledge in a supportive workplace, they safeguard privacy. A lack of knowledge, or a stressful workplace, puts compliance at risk.
When the workforce is temporary, coming back from retirement or from another state, there is a risk that their HIPAA training is not current. When did they last receive training? How familiar are they with this facility, the physical place, and the informations systems, computers, communications and EHR?
Ensuring that the right workforce members have the appropriate amount of access to information, based on their role, is critical. HIPAA requires that information access be strictly limited to the role a person fills, not less and not more than needed to do the job.
Cybersecurity is Heating up During COVID
Everyone in the organization should learn about cybersecurity – hacking, phishing, spearphishing, etc., and what to do/who to call, when it occurs.
On top of concerns for patient health and quality care, the COVID-19 crisis has opened the door to new cybersecurity risks. Warnings about cybersecurity during COVID-19 have been repeated nearly every month, since February. It’s a difficult, stressful time, worldwide, and cybercriminals are taking advantage of the situation to steal data, including research about COVID vaccines.
With temporary staff, or a smaller staff, it’s critical to review HIPAA basics, including cybersecurity risks. Training has been shown to greatly reduce risks. Armed with knowledge, the healthcare workforce is the strongest defense against cybercrime.
Review the Basics
The HIPAA basics are easy to review. Take the time to go over these key basic rules. Make sure members of the workforce know who to call with questions or concerns. Keep lines of communication open to help staff manage stress and they’ll be better equipped to maintain the culture of compliance required to stay compliant with HIPAA and maintain patient privacy and security. And call us if you have questions.