Back in 2007, a widespread cheating scandal shook Florida State University. More than 60 student-athletes were involved in a fraud case for violating the National Collegiate Athletic Association (NCAA) academic standards. While not all the students were Seminole football players (various FSU sports programs were affected), a large number of them were.
According to the NCAA’s report, a learning specialist, an academic advisor, and a tutor took various tests and wrote papers for the athletes. There were also a significant number of athletes who took an online music course that allowed them to pass by cheating.
The result? 23 football players were prohibited from competing in the 2007 Music City Bowl, including several of the team’s starters. FSU was also placed on four years’ probation and lost scholarship funding. The real kicker, though, was that 12 games in which ineligible players competed were retroactively removed from the record. Unfortunately for coach Bobby Bowden, this ruined any shot he had to beat Joe Paterno and top the coaches’ all-time wins list at the time. Sorry, Bobby. Cheaters never prosper.
The moral of this story also applies to how your business handles maintaining compliance. You can’t phone it in when it comes to making sure your organization meets these critical standards, especially when HIPAA penalties can range from $100 to $50,000 per violation. If that sounds scary, that’s because it is.
Essentially, there are two parts to staying compliant: properly securing your network and using the right software.
There are correct ways to secure your network and then there are incorrect ways. “31% of consumers said they discontinue their relationships with an entity following a data breach,” so it’s important to do it right. You need a strong firewall, data encryption, antivirus software, strong passwords, and data backup, among other more organization-specific things.
Selecting software programs for your company is similar. There’s software that’s HIPAA-compliant, and there’s software that isn’t. Typically, the programs that are compliant tend to be a bit more expensive. Some businesses see this and opt for the cheaper ones. While this is okay for records and information that don’t fall under HIPAA protections, if you’re caught using this software with records that do, it’s not going to be good for your company’s reputation or pocketbook.
These are some of the rules of the game that take extra time and practice to master and put into motion in your organization.
Creating Your Perfect Play
If you’re thinking, “Uhh, that’s a lot to think about. I don’t want any fines. How do I know if I’m doing this compliance thing right?”
Simple. You hire an IT consultant who is familiar with compliance. They will provide your company with a compliance risk assessment that details everything you need to remedy in order to achieve compliance and minimize your risks. They’ll also be able to tell you how to fix the problem areas that may be uncovered.
According to KPMG, “Keeping policies current with changing regulations is the number one challenge for 47% of organizations.” Compliance regulations are complex and frequently change. It can be exhausting to keep up on your own. These experts are up to date on the latest standards and uniquely able to advise your business based on today’s compliance requirements.
How you store your data, handle communication, and secure your network are all a part of maintaining compliance. That being said, we strongly recommend that you talk with an IT consultant and get a compliance risk assessment.
We’re happy to be that expert. But even if it isn’t us, we highly recommend that you speak with one. Staying compliant will keep your business in the game scoring and off the sidelines sulking.