HIPAA Compliance
Five HIPAA Compliance Tips for Small-Medium Sized Businesses
Maintaining round-the-clock HIPAA compliance is a constant challenge for healthcare providers and other HIPAA covered entities. For small and medium-sized organizations, the challenge of HIPAA compliance can be particularly difficult due to a lack of skilled personnel, resources, and budget. To make matters worse, just over a year ago, the OCR announced an initiative to…
Medical Records from OB/GYN Found Dumped At Recycling Center After Anonymous Tip
Paper files containing names, Social Security numbers, and medical histories, including details of cancer diagnoses and sexually transmitted diseases, have been dumped at a recycling center in Allentown, Pennsylvania. The files appear to have come from Women’s Health Consultants, an obstetrics and gynecology practice that had centers in South Whitehall Township and Hanover Township, PA.…
Over $1 Billion in Damages Sought in Lawsuit Against 60 Hospitals for HITECH Act Violations
A recently unsealed complaint, filed in a U.S. District Court in Indiana in 2016, seeks more than $1 billion in damages from 60 hospitals that received HITECH Act meaningful use incentive payments for transitioning to electronic health records, yet failed to meet the requirements of the HITECH Act with respect to providing patients, and their…
HIPAA Compliance for Human Resource Departments
Businesses not directly involved in the healthcare or healthcare insurance industries should nonetheless pay close attention to HIPAA compliance for HR departments. It has been estimated that a third of all workers and their dependents who receive occupational healthcare benefits do so through a self-insured group health plan. Although this does not mean a self-insuring business…
Careless handling of HIV information jeopardizes patient’s privacy, costs hospital $387k
St. Luke’s-Roosevelt Hospital Center Inc. (St. Luke’s) has paid the U.S. Department of Health and Human Services (HHS) $387,200 to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule and agreed to implement a comprehensive corrective action plan. St. Luke’s operates the Institute for Advanced Medicine, formerly Spencer…
$2.5 million settlement shows that not understanding HIPAA requirements creates risk
The U.S. Department of Health and Human Services, Office for Civil Rights (OCR), has announced a Health Insurance Portability and Accountability Act of 1996 (HIPAA) settlement based on the impermissible disclosure of unsecured electronic protected health information (ePHI). CardioNet has agreed to settle potential noncompliance with the HIPAA Privacy and Security Rules by paying $2.5…
$5.5 million HIPAA settlement shines light on the importance of audit controls
Memorial Healthcare System (MHS) has paid the U.S. Department of Health and Human Services (HHS) $5.5 million to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy and Security Rules and agreed to implement a robust corrective action plan. MHS is a nonprofit corporation which operates six hospitals, an…
Updated Security Risk Assessment Tool Released by ONC
OCR prefers to settle HIPAA compliance issues through voluntary compliance and non-punitive means, although financial penalties are now becoming more commonplace. If OCR investigators uncover HIPAA violations, financial penalties may be issued. Fines of up to $1.5 million can be issued for each violation category discovered. One of the most common reasons for a financial…
OCR Commences Phase 2 of HIPAA Compliance Audit Program
HIPAA Privacy, Security, and Breach Notification Audit Program: As a part of our continued efforts to assess compliance with the HIPAA Privacy, Security and Breach Notification Rules, the HHS Office for Civil Rights (OCR) has begun its next phase of audits of covered entities and their business associates. The 2016 Phase 2 HIPAA Audit Program…
HIPAA Compliance Still A Problem for Small Practices
While large healthcare systems have come to grips with HIPAA Rules and have implemented controls to safeguard ePHI from external and internal threats, small practices are still struggling with their compliance efforts, according to a recent survey conducted by NueMD. NueMD surveyed 900 healthcare professionals last month to gain an insight into how small healthcare organizations…