$100,000 HIPAA Enforcement


Several years after the HIPAA privacy and security standards became effective, the U.S. Department of Health and Human Services ("HHS") has stepped up its enforcement activities, recently fining a healthcare system $100,000 for HIPAA violations.

This is not HHS's first HIPAA enforcement action but is its most significant to date. In general, HHS' philosophy of enforcement has been to emphasize compliance rather than punishment, working with the provider to develop better systems and procedures. But with the imposition of this substantial monetary penalty, HHS has given real teeth to HIPAA enforcement and indicated an intention to become more punitive, presumably on the theory that providers have had sufficient time to bring their operations into compliance. Hospitals and other organizations subject to HIPAA should consider assessing their own compliance in light of this development.

LOADING PDF: If there are any problems, click here to download the file.

Published In: Health Updates