
Late to the HIPAA Compliance Security Table

PIMSY behavioral health EMR explores why mental health lags behind other sectors in data security - and shares tips for staying HIPAA compliant

by Donna Koger, 6.29.17 (with a little input from Leigh-Ann Renz)

Many healthcare IT specialists report that healthcare (including mental + behavioral health) is later to the HIPAA compliance security table than other industries, such as finance and even government. Our industry suffered the second-highest number of security incidents among services organizations in 2016. This was highlighted just this week by a ransomware attack that affected large corporations like Merck, and even smaller mental health EHRs.


To answer that question, a free report by Symantec, the Internet Security Threat Report (ISTR), for healthcare includes the following findings:

  • More planned and targeted attacks, including more ransomware, impacting healthcare through an increase in smaller incidents.
  • A growing understanding that the risk is not just about client data, but about client care delivery, and potentially, even about client health itself.

Even though many in healthcare are spending more on IT, that spending is still not enough to say that healthcare is moving quickly toward HIPAA compliance and, by extension, toward protecting itself from sophisticated and targeted attacks.

What Can You Do?

Check out this detailed article by Rob Reinhardt about how to maintain data security for mental + behavioral health care providers. We also have tons of practical how-to articles on our HIPAA Compliance blog. Click here to learn about ransomware attack prevention and recovery from a healthcare sector perspective, including the role HIPAA plays in helping organizations prevent and recover from attacks.

Take Away

Clearly, it is not enough to be HIPAA compliant; IT security must be an equal requirement to compliance rather than merely an extension of it.

Resources Include

HITECH (Health Information Technology for Economic and Clinical Health) ISTR Report. http://www.hitechanswers.net/





Donna Koger is currently the HIPAA Compliance Officer and materials developer for software training and support at Smoky Mountain Information Systems, home of PIMSY EHR. Ms. Koger is also a regular contributor to the PIMSY EHR Blog.
