HIPAA fines up 300% and there’s no end in sight
More HIPAA investigations and settlements are to come in 2017. This comes as no surprise, as healthcare breaches have continued to increase over the years and there’s no end in sight.
Not only are breaches increasing, but for every breach that is investigated and settled, the Office of Civil Rights has the opportunity to use the money collected from previous settlements to fund enhanced forces, which is exactly what they intend to do.
Complying with HIPAA regulations has been a key message from the Office of Civil Rights for years, and it’s now time to compel healthcare organizations that have not taken it seriously to do so. Even more OCR investigations, fines and settlements are expected in 2017. According to Edward Zacharias, a partner from McDermott Will & Emery specializing in compliance, before 2016, the previous record for total fines that OCR levied in any year was $7.9 million. Last year, settlement payments hit $25.6 million.
So how do you protect yourself from potential fines?
The first step is to ensure the right processes, procedures and documentation are in place.
Next, ask yourself some questions:
- Does my organization have documentation outlining policies and procedures to address HIPAA compliance?
- Does my organization have regular risk assessments?
- Do we have a standard information security policy?
- Does my organization have an effective incident response plan or disaster recovery plan?
If you answered no to any of these questions, take the next step and conduct some compliance assessments. Low-cost, DIY solutions are available, or you can outsource the entire project. But the time to bury your head in the sand is over. Don’t get caught unprotected.