Good News for Health Entities: HIPAA Compliance is your insurance policy
The Feds recently announced that in cases where organizations have no culpability in a privacy violation, fines will now be capped at capped at $25,000 a year — a fraction of the previous $1.5 million limit, according to a new notice from the U.S. Department of Health & Human Services. The annual limit is per year for each year the violation persisted — meaning actual fines could still rack up.
In addition, even in cases where an organization neglected HIPAA compliance, those that remedy situations quickly will face lesser financial consequences than those that don’t.
In short, a comprehensive, enterprise-wide compliance program truly serves to protect an organization from the worst financial consequences. Read details of the changes in Becker’s Hospital Review. And here is another good explanation in the Journal of AHIMA.