Don’t Ring in the New Year with a HIPAA Audit – Safeguard Yourself Now

1 Indest-2008-1By George F. Indest III, J.D., M.P.A., LL.M., Board Certified by The Florida Bar in Health Law

Here’s a scary reminder: There are people attempting to hack into electronic health systems every second of every day. Thankfully, most of these attempts are unsuccessful due to the preventive technologies in place to safeguard such information. However, electronic data will never be 100 percent secure.

Electronic health records promised was intended to be a tool for doctors to share patient data, reduce prescription drug errors, and allow patients convenient access to their records. However, since the transition to digital medical records, there have been concerns from patients about privacy, security and identity theft.

Recently, the Office for Civil Rights (OCR) announced that the agency will ramp up its Health Insurance Portability and Accountability Act (HIPAA) privacy and security audit program in 2015 for covered entities and business associates. These audits will focus on device encryptions, media controls, data transmission security protocols, and staff training on HIPAA policies and procedures.

Now is the time to ensure compliance.

Real World Privacy Breaches Happen All the Time.

On December 2, 2014, OCR and Anchorage Community Mental Health Services, Inc. (ACMHS), settled alleged violations of the HIPAA Security Rule. OCR started an investigation into ACMHS’s compliance with HIPAA after receiving a notification about a breach of unsecured electronic patient information affecting 2,743 individuals. The breach resulted from malware that compromised ACMHS’s information technology resources. According to the settlement, ACMHS must pay a $150,000 fine and enter into a resolution agreement and corrective action plan (CAP).

In November 2014, Beth Israel Deaconess Medical Center in Massachusetts agreed to a $100,000 settlement after a physician’s laptop was stolen from the hospital. The computer was not issued by the hospital and had not been encrypted in accordance with the hospital’s policies. However, the hospital was aware that the physician used the device. The laptop contained the health information and personal information, including Social Security numbers, of nearly 4,000 individuals. It’s alleged the hospital took three months to notify affected patients about the breach, which is a violation of HIPAA. (HIPAA requires such notifications to take place within 60 days.)

Tips to Protect Yourself and Your Business.

Again, the HIPAA audit program will be resuming after the first of the year. Accordingly, hundreds of covered entities and business associates will be receiving inquiries that could lead to an onsite audit. The audit requirements will be very difficult for organizations that have not planned in advance. Here are three easy-to-implement steps to prepare your practice.

1. Review the latest HIPAA policies and procedures. Make sure your office is meeting the latest privacy and security criteria. Identify gaps, update documents, and retrain staff on HIPAA policies and procedures. Don’t forget to document your educational efforts. Click here for a link to the latest policies and procedures.

2. Contact your business associates. Ask each of them to provide your practice with an updated Business Associate Agreement and list of all subcontractors they use. For business associates, the 2015 HIPAA audits will focus on risk analysis, risk management and updated policies and procedures for breach notification.

3. Have a risk assessment performed on your practice. To learn more about risk assessments, click here for a previous blog.

Also, a violation of the HIPAA privacy and security provisions does carry civil and criminal penalties. Anyone who is a health care professional or facility, should be aware of these legal provisions. Click here to read my previous blog.

HIPAA is Not One Size Fits All.

Protecting patient data is not a one-size-fits-all method, meaning that security measures and access to electronic records should not necessarily be uniform. There needs to be processes and check points in place at practices to ensure that the electronic health record system and its many users consistently meet HIPAA policies and procedures. Health care practices must be vigilant that when they integrate other medical practices and facilities into their organization that they extend these measures to incorporate new employees, new sites and locations, and various technologies.

As demonstrated throughout this blog, the risks of non-compliance simply outweigh the costs of sound preparation. If you’d like more information, contact a health law attorney experienced in these matters.

Comments?

Are you worried about the next round of HIPAA audits? Are you concerned about HIPAA violations? How are you ensuring compliance within your practice? Please leave any thoughtful comments below.

Contact a Health Law Attorney Experienced in Defending HIPAA Complaints and Violations.

The attorneys of The Health Law Firm represent physicians, medical groups, nursing homes, home health agencies, pharmacies, hospitals and other health care providers and institutions in investigating and defending alleged HIPAA complaints and violations and in preparing Corrective Action Plans (CAPs).

For more information about HIPAA violations, electronic health records or corrective action plans (CAPs) please visit our website at www.TheHealthLawFirm.com or call (407) 331-6620 or (850) 439-1001.

Sources:

Van Terheyden, Nick and Faix, Rob. “Digital Health Records: Pain and Gain.” Orlando Sentinel. (December 12, 2014). From: The Orlando Sentinel News Section on page A20.

“Beth Israel Agrees To Pay $100K To Settle 2012 Data Breach Case.” iHealthBeat. (November 25, 2014). From: http://www.ihealthbeat.org/articles/2014/11/25/beth-israel-agrees-to-pay-100k-to-settle-2012-data-breach-case?view=print

About the Author: George F. Indest III, J.D., M.P.A., LL.M., is Board Certified by The Florida Bar in Health Law. He is the President and Managing Partner of The Health Law Firm, which has a national practice. Its main office is in the Orlando, Florida, area. www.TheHealthLawFirm.com The Health Law Firm, 1101 Douglas Ave., Altamonte Springs, FL 32714, Phone: (407) 331-6620.


“The Health Law Firm” is a registered fictitious business name of George F. Indest III, P.A. – The Health Law Firm, a Florida professional service corporation, since 1999.
Copyright © 1996-2014 The Health Law Firm. All rights reserved.

By |2024-03-14T10:00:58-04:00June 1, 2018|Categories: Electronic Health Record, HIPAA, The Health Law Firm Blog|Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , |Comments Off on Don’t Ring in the New Year with a HIPAA Audit – Safeguard Yourself Now
Read More

GOP Close to Repeal of Medical Device Tax: Will Elimination of this Key Funding Also Eliminate the Affordable Care Act?

By George F. Indest III, J.D., M.P.A., LL.M, Board Certified by the Florida Bar in Health Law

00011_RT8With the support of Democrats, Congressional Republicans may be close to getting the votes they want to push President Obama to accept a repeal of the medical device tax, which helps fund the Affordable Care Act. Some Republican candidates for president are pushing for change in the Senate’s filibuster rules so they can repeal the law. Click here for more info on the Medical Device Tax.

Congressional Republicans Want Repeal of Medical Device Tax to Eliminate ACA.

Congressional Republicans believe that the repeal of the tax on medical devices is the best way to weaken the Affordable Care Act. The House already voted to repeal the tax. The Senate Republicans are now also trying to undo the tax. With many Democrats also opposing the tax, lawmakers think they are getting closer to the ideal number of votes needed to override a presidential veto.

Obama Able to Veto GOP’s Changes.

With last year’s Supreme Court approval of the statute’s federal subsidies, millions of Americans have been able to afford health care for the first time. However, this seemed to crush the GOP’s plan to force President Obama’s health law out. House Republicans see a repeal of the medical devices tax as a roundabout way of repealing the ACA.

Click here to see what Hillary Clinton recently said about the GOP’s mission to repeal Obamacare.

New Fissures Being Made for 2016 Presidential Primary.

The Senate is creating new fissures for the 2016 election: Candidates outside of Washington are trying to terminate the filibuster to repeal the Affordable Care Act. Meanwhile, GOP senators are pursuing the White House, wanting to keep the 60-vote threshold.

Contact Health Law Attorneys Experienced in Representing Health Care Professionals.

At the Health Law Firm we provide legal services for all health care providers and professionals. This includes physicians, nurses, dentists, psychologists, psychiatrists, mental health counselors, Durable Medical Equipment suppliers, medical students and interns, hospitals, ambulatory surgical centers, pain management clinics, nursing homes, and any other health care provider. We represent facilities, individuals, groups and institutions in contracts, sales, mergers and acquisitions.

The services we provide include reviewing and negotiating contracts, business transactions, professional license defense, representation in investigations, credential defense, representation in peer review and clinical privileges hearings, Medicare and Medicaid audits, commercial litigation, and administrative hearings. To contact The Health Law Firm, please call (407) 331-6620 or (850) 439-1001 and visit our website at www.TheHealthLawFirm.com.

To contact The Health Law Firm, please call (407) 331-6620 or (850) 439-1001 and visit our website at www.TheHealthLawFirm.com.

Comments?

Are you a Democrat who opposes the Affordable Care Act? What do you think of the GOP’s plan to weaken the ACA? Please leave any thoughtful comments below.

Sources:

Associated Press. “Clinton warns GOP will repeal Obamacare: Democratic candidate speaks in Hanover.” (July 4, 2015). From: http://www.wmur.com/politics/clinton-warns-gop-will-repeal-obamacare/33986414

Kaiser Health News. “GOP Eyes Medical Device Tax, Change To Filibuster Rules To Fight Health Law.” (July 1, 2015). From: http://khn.org/morning-breakout/gop-eyes-medical-device-tax-change-to-filibuster-rules-to-fight-health-law/

ObamaCare Facts. “ObamaCare Medical Device Tax.” From: http://obamacarefacts.com/obamacare-medical-device-tax/

About the Author: George F. Indest III, J.D., M.P.A., LL.M., is Board Certified by The Florida Bar in Health Law.  He is the President and Managing Partner of The Health Law Firm, which has a national practice.  Its main office is in the Orlando, Florida, area.  www.TheHealthLawFirm.com  The Health Law Firm, 1101 Douglas Ave., Altamonte Springs, FL 32714, Phone: (407) 331-6620.

KeyWords:
GOP, Congressional Republicans, Republicans, Affordable Care Act, ACA, medical device tax, attorney, health law lawyer, health law attorney, Senate, filibuster rules, tax repeal, Supreme Court, health care, health care lawyer, health care attorney, the health law, health law vote

The Health Law Firm” is a registered fictitious business name of George F. Indest III, P.A. – The Health Law Firm, a Florida professional service corporation, since 1999.
Copyright © 1996-2015 The Health Law Firm. All rights reserved.

By |2024-03-14T10:01:00-04:00June 1, 2018|Categories: In the News, The Health Law Firm Blog|Tags: , , |Comments Off on GOP Close to Repeal of Medical Device Tax: Will Elimination of this Key Funding Also Eliminate the Affordable Care Act?
Read More
“The Health Law Firm” is a registered fictitious business name of George F. Indest III, P.A.
The Health Law Firm, a Florida professional service corporation, since 1999.
Copyright © 2022 The Health Law Firm. All rights reserved.
FacebookInstagramLinkedInTwitterYouTube
Toggle Sliding Bar Area
Go to Top