Who Has My Data? Factors Contributing to HIPAA (Non)Compliant Behaviors

Abstract

HIPAA noncompliance has become an increasingly regular occurrence throughout the healthcare industry, leading practitioners to seek ways to minimize the phenomenon. Healthcare workers are hired into the field with limited knowledge of the implications of sharing patient information. One of the objectives of this research was to show that providing deterrent information regarding real cases of HIPAA noncompliance will increase overall levels of HIPAA compliance. We surveyed two groups: one provided with deterrent case information regarding real-life individual healthcare workers imprisoned following HIPAA noncompliance, and one not provided with such information. We also questioned individuals about whether their compliance level would change if they were offered an incentive to be noncompliant, and explored individuals’ ethical level, knowledge of HIPAA regulations, and belief in the justice system. We then developed a tool for healthcare practitioners to provide incoming healthcare workers with information that explains that being HIPAA noncompliant can impact them personally, not just the financial health of their organization. This awareness may lead to higher levels of HIPAA compliance.