EHR and practice management for mental / behavioral health

Late to the HIPAA Compliance Security Table

by Donna Koger, 6.29.17

Many healthcare IT specialists are reporting that healthcare (including mental + behavioral health) is later to the HIPAA compliance security table than other industries, such as finance and even government. Our industry suffered the second-highest number of security incidents among services organizations in 2016. This was highlighted just this week by a ransomware attack that affected large corporations like Merck, and even smaller mental health EHRs.


To answer that question, a free report by Symantec, the Internet Security Threat Report (ISTR), for healthcare includes the following findings:

  • More planned and targeted attacks, including more ransomware, impacting healthcare through an increase in smaller incidents.
  • A growing understanding that the risk is not just about client data, but about client care delivery, and potentially, even about client health itself.

Even though many in healthcare are spending more on IT, it is still not enough to say healthcare is moving at a fast pace toward HIPAA compliance and by extension protecting themselves from sophisticated and targeted attacks.

What Can You Do?

Check out this detailed article by Rob Reinhardt about how to maintain data security for mental + behavioral health care providers. We also have tons of practical how-to articles on our HIPAA Compliance blog. Click here to learn about ransomware attack prevention and recovery from a healthcare sector perspective, including the role HIPAA plays in helping organizations prevent and recover from attacks.

Take Away

Clearly, it is not enough to be HIPAA compliant. IT security must be an equal requirement to compliance rather than merely an extension of it.

Resources Include

HITECH (Health Information Technology for Economic and Clinical Health)

ISTR Report


Find more complimentary resources in our HIPAA Resource Center.


Donna Koger is currently the HIPAA Compliance Officer and materials developer for software training and support at Smoky Mountain Information Systems, home of PIMSY EHR. Ms. Koger is also a regular contributor to the PIMSY EHR Blog.
