HIPAA Blog Posts: HIPAA HITECH Act

Falsely Attest to Meaningful Use: Go To Jail

 Falsely attesting to meaningul use earned Joe White, former CFO of a Texas hospital group a 23 month sentence in federal prison plus restituion of $4.5 million dollars.  This should strike fear in the hearts of many who signed similar attestations without satisfying the meaningful use requirements, particularly Core Measure 15.

Continue reading…

Healthcare Breachs Cost $363 Per Record

 The study found that the healthcare was most at risk for costly breaches, with an average cost per record lost or stolen as high as $363, more than twice the average for all sectors of $154.

That reflects the relatively high value of a person's medical records on the underground market, said IBM, as Social Security information is much more useful for identity theft than simple names, addresses or credit card numbers.

Continue reading…

HIPAA Audit Lottery

 Congratulations, you have just been entered, without your permission, in the HHS OCR HIPAA audit lottery!  The first stage will be being one of 500 covered entities or 200 business associates who receive an OCR screening survey in the mail.  From this pool an undisclosed number will be chosen for an unannounced HIPAA audit.

Continue reading…

HIPAA Training: "We have met the enemy and he is us"

 “Based on the results of the study, human error continues to be the biggest source of healthcare data breaches, as 75 percent of organizations view employee negligence as the greatest breach threat.”  The Ponemon Institute’s fourth annual Patient Privacy & Data Study

Continue reading…

HIPAA Compliance Depends on Documentation

 If you don't document your HIPAA compliance activities you can't prove HIPAA compliance.  Documentation of your HIPAA compliance activities is what builds the legal firewall around your company

Continue reading…

Why Would I Need a HIPAA Helper

 Unless you have a HIPAA expert on your staff you probably need a HIPAA Helper to answer your questions and make sure that you are HIPAA compliant.  The big question is how do you get a HIPAA Helper and how much do you pay?

Continue reading…

Beware the "HIPAA Compliant" Claim

  The FTC’s complaint alleges that GMR held itself out as a “HIPAA Compliant Medical Transcription Service” and overpromised customers “You can be assured that the materials going through our system are highly secure and are never divulged to anyone.”  Beware the self described "HIPAA Compliant" company.  You need proof of on-going HIPAA compliance from a trusted third party such as Complianc Helper and their Compliance Meter(tm).

Continue reading…

HIPAA and Health Insurance Carriers

 Health insurance carriers must drive HIPAA compliance.  General agents and producers are waiting for a signal that they must be able to prove compliance to their carriers.  This means doing more than amending business associate agreements.

Continue reading…

HIPAA Breach: 20 Years of Hard Labor

 Accretive Health gets 20 years of outside monitoring of privacy and security efforts for HIPAA breach. " Additionally, Accretive Health agreed to initial and biennial third-party auditing of their security measures and to maintain those records and make them available to the FTC upon request. The settlement will be in effect for 20 years."  Winston & Strawn LLP, Steven Grimes

Continue reading…

HIPAA Audits Increase in 2014, Include Business Associates

 "Based on reinvigoration of the HIPAA Audit Program and signals from OCR, it appears that 2014 will be the year of heightened OCR enforcement."  OCR lacks insight into HIPAA security rule compliance, Epstein Becker Green, Alaap B. Shah 

Continue reading…