The Health Insurance Portability and Accountability Act (HIPAA; Pub.L. 104–191, 110 Stat. 1936, enacted August 21, 1996) has been around a very long time. It was originally created to ensure the security and privacy of your medical information, and additional rules such as the Privacy Rule and the Security Rule also apply.
HIPAA really came into existence once it became clear that the growth of technology within the medical industry would require formal controls.
Appointing a compliance officer
Under the rules of HIPAA, a HIPAA compliance officer should be appointed. That role within your medical practice is to ensure ongoing risk assessment and compliance with HIPAA. Among the many responsibilities of the compliance officer, assisting the OCR (Office for Civil Rights) in the event of an investigation would also fall to this individual.
Who is covered under HIPAA?
The HIPAA rules apply to covered entities and their business associates. Typical covered entities are doctors, clinics, physiologists, dentists, chiropractors and nursing homes, to name a few. If you are a business doing business with an organization covered under HIPAA, you should have a business associate agreement in place. If you are a practicing physician, many resources are available, such as the American Medical Association. You will typically find national resources made available for every type of activity covered under HIPAA.
Costs of being non-compliant
Fines can reach as high as $15 million, with that number multiplied by the years of non-compliance. Recent examples include Tenet Healthcare, which predicted its fines to be roughly $32.5 million, whilst other examples have been closer to $100 million. And remember, you are fined per violation. Recently a lost thumb drive cost $2.2 million because the data on this drive was readily readable by anyone. Engaging a professional in this industry is vital for your business. The risks of non-compliance are simply not worth taking.
HIPAA compliance assistance
Engaging our team is a vital step along the path of becoming compliant with HIPAA for your secure data transmission and networking. Even if your EMR software is HIPAA compliant, your own internal procedures and mechanisms need to be as well. Call us today at 231-946-1411 to learn more.