The Importance of HIPAA Compliance

The Health Insurance Portability and Accountability Act (HIPAA) is a law that was introduced to ensure that Patient Health Information (PHI) is kept confidential at all times. Since its introduction in 1966, HIPAA has made the handling of patient information a highly sensitive matter for healthcare professionals. It is important for everyone concerned to remember that non-compliance with HIPAA can result in significant fines or even imprisonment.

Who Is Covered?

Under HIPAA, all covered entities and business associates must protect the privacy of PHI. Hospitals, physicians’ clinics, and health plan clearinghouses are examples of covered entities. Business associates are firms that work with covered entities and handle PHI as one component of the service they provide.
What Exactly Does “HIPAA-compliant” Mean?
HIPAA imposes comprehensive requirements on every company that handles PHI. These parties must ensure the physical security of the data and grant access only to a select few. Administrators must be aware of all current potential threats, and security updates must be applied regularly to control the dangers posed by data hacking and phishing scams. Each covered entity should be guided by a balanced compliance program and make sure that HIPAA requirements are known to all relevant staff. They should also periodically evaluate their security controls and make sure that PHI is protected by encryption, since encrypted data remains inaccessible if it is lost or stolen.

What Is a HIPAA Audit?

There is a HIPAA audit program that randomly selects covered entities for audit. The audits are performed by the Office for Civil Rights (OCR) in the Department of Health and Human Services (HHS). It is OCR’s task to enforce the security and privacy regulations of HIPAA. The audit aims to determine whether a covered entity or business associate is compliant with HIPAA’s rules and the Breach Notification Rule. Under the Breach Notification Rule, any PHI security breach must be reported to the affected person, to OCR and to the Department of Health and Human Services. If the audit finds that HIPAA violations were committed, OCR could begin an investigation.

What Happens During a HIPAA Probe?

OCR may begin an investigation as a consequence of a random audit’s results, or in response to a complaint filed with OCR against a particular covered entity.

What Penalties Await HIPAA Violators?

HIPAA violations fall into several categories and may be subject to different civil and criminal penalty tiers. Fines can be as low as $100 or as high as $50,000. If OCR finds that the covered entity exercised due diligence and did not have knowledge of the breach, the penalty ranges from $100 to $50,000 for each and every violation.

In cases where willful neglect is established, the minimum fine is $50,000 and the maximum is $1.5 million. When PHI is released with malicious intent, criminal penalties apply; the penalty for this violation is a jail term of 1 to 10 years. Covered entities also have to pay extra costs in dealing with HIPAA probes, breach notifications and corrective actions.