Login | Live Technical Support Chat | Contact | Support (888) 200-9494
HOME » BLOG » HIPAA Compliance: Requirements of Health IT and the Consequences of Not Complying

HIPAA Compliance: Requirements of Health IT and the Consequences of Not Complying

March 20th, 2012 by Rich Thompson
Tags:

 

It’s no secret that health IT has some of the most complex needs of all industries that exist today. Not only are the compliance requirements some of the most non-prescriptive in the IT space, the consequences of not complying can be costly.

 

With more then 10 million individuals employed in the industry in the US, protecting the privacy and confidentiality of a patients’ electronic medical health records from unauthorized access is paramount to achieving compliance with federal regulatory laws such HIPAA, the HITECH Act, the American Recovery and Reinvestment Act and other laws that apply to healthcare organizations.

 

What happens if you don’t comply with these health IT compliance requirements? Just ask Cignet Health.

 

Last year, for the first time in history, federal officials issued a civil monetary penalty (CMP) to a healthcare organization for violations of the HIPAA privacy rule. When Cignet Health of Prince George’s County, Md. failed to provide 41 patients with access to their medical records and then failed to cooperate with federal investigators, HHS imposed a CMP of $4.3 million for the violations.

 

In a Notice of Proposed Determination issued Oct. 20, 2010, the OCR found that Cignet violated 41 patients’ rights by denying them access to their medical records when requested between September 2008 and October 2009. These patients individually filed complaints with OCR, initiating investigations of each complaint. Because the HIPAA Privacy Rule requires that a covered entity provide a patient with a copy of their medical records within 30 (and no later than 60) days of the patient’s request, Cignet’s CMP began at $1.3 million.

 

Making matters worse for Cignet, OCR also found that the medical service provider failed to cooperate with OCR’s investigations on a continuing daily basis from March 17, 2009, to April 7, 2010. OCR found that the failure to cooperate was due to Cignet’s willful neglect to comply with the HIPAA, which states that covered entities are required under law to cooperate with the Department’s investigations. Based on the violation categories and increased penalty amounts authorized by Section 13410(d) of the HITECH Act, Cignet’s fine was increased by an additional $3 million.

 

This steep $4.3 million penalty sent a clear message to healthcare entities: HHS is serious about enforcing individual rights guaranteed by HIPAA.

 

The Cignet case is of course an extreme, and the organization knowingly violated patient rights, but what about a data breach?

 

We’ve covered this and much more in our latest white paper, “Delivering Hosting Solutions for Healthcare.” Download it free today, and feel free to reach out if you have any questions or need more information regarding HIPAA compliance and how it relates to the compliance solutions we offer at Carpathia.

Write a comment

  • Required fields are marked with *.

If you have trouble reading the code, click on the code itself to generate a new random code.
 
Showing comments 1 to 4 of 147 | Next | Last
Deep
Posts: 147
Comment
pDoBnuJkwHWeBrHGy
Reply #147 on : Wed January 30, 2013, 07:16:57
The thing with most people today is they have this false perocptien data loss only happens in geeked techy television shows and not in real life. BIG MISTAKE. Usually, when the files go missing, the flow of regrets (and blaming) were a dragging recollection of what-ifs or i-should've-listened-to-that-ad-eventhough-I-can't-stand-the-speaker's-hair. Today's Backup software are available in many formats, each highlighting the need for installation.Most people would label backups as something for the techy folks. Well, aside from the super easy steps during installation, there are options tailor-made for every user.
Natalya
Posts: 147
Comment
ciPjPOxwZ
Reply #146 on : Mon January 28, 2013, 12:18:49
I agree with you about having all your final htlaeh wishes in order. I work in a hospital and I know how hard HIPPA makes it on patients and their families. I am one of the few lucky ones that has decent htlaeh insurance but I know a lot of my friends that don't and I see how they struggle. Some of them have to decide each month if they are going to buy their meds or are they going to buy food. Medical testing is so expensive these days.Jennyej
Ange
Posts: 147
Comment
dBvYCjFjofq
Reply #145 on : Mon January 28, 2013, 11:13:58
I agree with you about having all your final heltah wishes in order. I work in a hospital and I know how hard HIPPA makes it on patients and their families. I am one of the few lucky ones that has decent heltah insurance but I know a lot of my friends that don't and I see how they struggle. Some of them have to decide each month if they are going to buy their meds or are they going to buy food. Medical testing is so expensive these days.Jennyej
Nick
Posts: 147
Comment
tbgjSIxKmocWz
Reply #144 on : Mon January 28, 2013, 03:50:39
?????? ????? ?????? ???? ????????????? ?? ?? ?????????? ?? ??? ????? ??????? ????????? ?? ????? ??????? ???? ???? " ??????? ?? ?????? ? ? ?????? ?? ???????? ? ? ?????? ???? ? ? ??????? ? ??????? ? ? ????? ?????? ???? ??? ???? ??????? ? ??????? ? ??????? ? ? ??????? ???? ??? ? ??????? ??? ?? 2007 Marketing: Marketing is the activity, set of innoutititss, and processes for creating,communicating, delivering, and exchanging offerings that have value for customers, clients, partners, and society at large. Approved October 2007
Showing comments 1 to 4 of 147 | Next | Last

[ Authors ]

[ Categories ]

[ Archives ]

Archives