Is OCR Really Going to Enforce HIPAA Privacy and Security?
Ya think! We think so. We really, really believe that the fun is over! In case you've been out of the country for the last several months, you might want to catch up on some recent developments that have signaled the increased seriousness with which OCR is enforcing the HIPAA privacy rule:
- The first ever civil penalty on a healthcare provider ($4.35 MM) for failure (and willful neglect) to provide access to PHI for 41 patients
- A substantial settlement ($1MM) with another for PHI privacy violations of a “few hundred individuals”
- Recent announcements of the anticipated HIPAA civil lawsuit training for State AGs
Most recently, comments by Susan McAndrew, OCR's deputy director for health information privacy on enforcement reinforced the upswing in compliance efforts:
"There will be enforcement consequences for failure to comply with HIPAA privacy and security obligations."
"It is clear that we will be vigorously enforcing these requirements, and, with the increased penalties that are available to use under the HITECH Act, covered entities need to pay attention and take whatever steps they can to prevent complaints in the first place by meeting their obligations to the fullest."
We are laser-focused on helping organizations become and remain HIPAA-HITECH compliant. Benefit from our expertise by accessing our HIPAA-HITECH compliance resources or attending one of our complimentary HIPAA-HITECH compliance webinars.