HIPAA Settlement Illustrates the Importance of Compliance Due Diligence

Tucker Arensberg, P.C.

In any healthcare M&A transaction, performing thorough due diligence is important. Depending on the nature of the business, this due diligence often includes an assessment of the seller's compliance with the Health Insurance Portability and Accountability Act (HIPAA) and its rules and regulations. The Office for Civil Rights in the US Department of Health and Human Services (OCR) recently announced a three million dollar settlement with a diagnostic medical imaging company related to potential violations of the HIPAA Security and Breach Notification Rules. This settlement arose out of an FTP server that allowed access to protected health information over the internet. OCR noted in its press release that notifications to individuals affected by the breach were untimely, that an accurate and thorough risk analysis was not conducted, and that business associate agreements were not in place with vendors. For readers less familiar with prior settlements reached for alleged violations of HIPAA, the lack of a risk analysis and the lack of appropriate business associate agreements are common themes in those settlements and should therefore be appropriately considered in conducting transactional due diligence. For additional detail, please review the Resolution Agreement and Corrective Action Plan.

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Tucker Arensberg, P.C. | Attorney Advertising
