Medcom Blog


Managing HIPAA Privacy, Security, and Cybersecurity Risks

With so much in the news recently about cybersecurity risks and breaches, there is no doubt a company’s privacy and security is serious business. Cybersecurity risks also affect HIPAA privacy and security regulations that shield protected health information (PHI).

Employers cited and fined by the Departments (HHS and OCR) for HIPAA violations sacrifice millions in penalties, legal fees, and private litigation. Money lost is bad enough, but we must also consider the impact of losing a business’s reputation.

Did you know?gavel sitting on pile of money

  1. Significant penalties for small companies are more prevalent than ever. Advanced Care Hospitals only employed about 40 people when they received a $500,000 fine for a PHI breach.
  2. A study by Ponemon reports 65% of consumers lose faith in an organization after facing a HIPAA breach. 
  3. Ransomware attacks have increased by 435% since 2019, according to data from Retarus.
  4. Anthem settled a private lawsuit in 2018 following their massive HIPAA breach for $115 million. This was after HHS fined them more than $48 million.

Cybersecurity and HIPAA breaches reached an all-time high in 2020 and 2021. As a result, companies can no longer afford to gamble with their risk management strategies. Medcom can help!

Medcom provides comprehensive remote or on-site HIPAA Privacy and Security training for your companies and their employees. We offer personalized and customized solutions for employers large and small and include specific instruction for self-funded employers, HR professionals, IT staff, and healthcare industry staff, among others.

Our training includes the following customized HIPAA documents:

  • HIPAA Privacy Policies
  • HIPAA Privacy Notices
  • Confidentiality Agreement
  • Business Associate Agreement
  • HIPAA Privacy Forms:
    • Authorization & Revocation
    • Request for Confidential Communications
    • Request for Access, Restriction, Amendment, Accounting
    • And more

Medcom is also here if you are worried that your company has unique needs most training firms won’t tackle. We work diligently to meet any distinctive needs for training and education. To learn more about our HIPAA Privacy and Security offerings, including risk assessments and training, contact us!