By Jack Anderson
January 16, 2015
Your patient medical data or PHI has become a target for criminals and if you are not HIPAA compliant losing the data could subject you to a lawsuit. HIPAA compliance is now the industry standard and failing to comply could subject you to a class action lawsuit asking for $1,000 per patient record lost. These lawsuits have been winning and there are a number of settlements that have been announced. Stanford Hospital and Multi-Specialty Collection Services and Corcino & Associates settled a class action lawsuit in March of 2014 for $4 million dollars for a breach of 20,000 patient records . California’s Confidentiality of Medical Information Act allows patients to bring an action against any entity that has negligently released individually identifiable medical information, seeking minimum damages of $1,000, with no proof of actual damage required. In another case Avmed a Florida healthcare provider paid a $3 million dollar settlement for a breach of patient medical records.
The article in the New York TImes today, “Need Some Espionage Done? Hackers Are for Hire Online” adds to the worry. Now you don’t need to possess the skills to hack someone’s database you can hire a hacker on-lne at https://hackerslist.com/ .
Don’t worry about a HIPAA audit from Health and Human services, the chance of you being selected is lower than your chances of winning the lottery. Instead worry about your business partners or clients auditing you or someone hacking your database. If you lose EPHI the chances are high that you were not HIPAA compliant and therefore open your company to a class action lawsuit whose consequences will be much greater than a fine from HHS.
HIPAA compliance is absolutely necessary in 2015. If you haven’t done a HIPAA risk assessment and begun remediation of the risks that were revealed you are extremely vulnerable. Come visit us at www.compliancehelper.com and see our easy and cost effective our on-line system.
Download you free HIPAA compliance checklist for a quick look at your level of compliance.