19 Nov 2009
Same Song, Different Verse
by James Lawson
So, remember a couple of weeks ago when I wrote about it being a tough week for HIPAA violators because of the two cases that had gone to trial that week? Well, apparently the fun is not over for health care systems concerned about privacy breaches. It appears that the U.S. Department of Health and Human Services has now increased the level of fines available for HIPAA violations up to $1.5 million based on a new interim final rule. Healthcare IT News wrote about it last week; you can read the article here.
This is significant in that it changes the prior limits of breach from $100 for each violation or $25k for all identical violations all the way up to a new maximum penalty of $1.5 million. I have to say, this is now a significant penalty and could adversely affect a hospital’s bottom line. In fact, if you were to have a hospital that did not do a really good job of securing patient data, it could face many of these types of fines, which could possibly put that hospital out of business. This is a real game changer in my opinion. If you are a CIO, CEO, or privacy officer, you are now likely going to have an additional ulcer from this one, as you may have to worry about bankrupting your hospital if you are not diligent in your duties of protecting patient data.
Interestingly enough, I think it also bears mentioning that the same body that is levying the fines for this is also funded by those same fines, so I believe that there is a good chance we will see some of these fines soon and likely a concerted effort by that body to fine many violators.
While we have this new update to the interim final rule, what we don’t have is a facility that has seen this penalty yet. When that happens it could be an event that shakes up the healthcare community to verify that they are protecting patient data or else suffer even more serious consequences.
[...] of adverse events and possible loss if the events occur. With data breaches increasing, fines for HIPAA violations up to $1.5 million dollars, and additional resources allocated to enforcing the HIPAA privacy and security rules, I think [...]
What’s In Your Budget? « Patient Privacy Matters
November 24th, 2009 at 2:43 pm
[...] Interestingly enough, I don’t believe any fines have been levied yet. Based on some of the latest legislation changes, these fines are likely to be [...]
Houston HIPAA Violations « Patient Privacy Matters
December 4th, 2009 at 6:51 pm
Interesting! Right now I have a serious HIPAA and Privacy Act violation against more than twenty employees in a federal hospital. I am a veteran and also an employee. Due to the system filter that we have, I caught coworkers of mine, even from my unit, accessing my record more than once. I have a list of those people that accessed my sensitive record and I started a legal process against them. Any information that you can provide to me will be accepted. Thank you very much! It is important to deal with this issue; many people like myself have thought of quitting the job and even thought of suicide.
Leslie A. Rosado
January 8th, 2010 at 8:54 pm