$100,000 HIPAA Enforcement


Several years after the HIPAA privacy and security standards became effective, the U.S. Department of Health and Human Services ("HHS") has stepped up its enforcement activities, recently fining a healthcare system $100,000 for HIPAA violations.

This is not HHS's first HIPAA enforcement action but is its most significant to date. In general, HHS' philosophy of enforcement has been to emphasize compliance rather than punishment, working with the provider to develop better systems and procedures. But with the imposition of this substantial monetary penalty, HHS has given real teeth to HIPAA enforcement and indicated an intention to become more punitive, presumably on the theory that providers have had sufficient time to bring their operations into compliance. Hospitals and other organizations subject to HIPAA should consider assessing their own compliance in light of this development.

LOADING PDF: If there are any problems, click here to download the file.

Published In: Health Updates

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Duane Morris LLP | Attorney Advertising

Don't miss a thing! Build a custom news brief:

Read fresh new writing on compliance, cybersecurity, Dodd-Frank, whistleblowers, social media, hiring & firing, patent reform, the NLRB, Obamacare, the SEC…

…or whatever matters the most to you. Follow authors, firms, and topics on JD Supra.

Create your news brief now - it's free and easy »