Are you ready for the HIPAA police?

By Diane Evans
Publisher, MyHIPAAGuide.com

If you haven’t been following HIPAA news lately, you may have missed some interesting stories.

One example: In a precedent-setting case, a 64-year-old Massachusetts physician now faces federal charges for allegedly taking money and meals from the drug company Warner Chilcott, with one charge relating to a criminal violation of patient privacy under the Health Insurance Portability and Accountability Act (HIPAA).

A blog post published on the website of the National Law Review notes that the case should be of great interest to the health care community for the “new twist’’ of a criminal charge under HIPAA.  You have to wonder: Is HIPAA the new tax evasion fallback for federal investigators?

In another recent case, an affiliate organization of the University of the Washington Medical Center agreed to a $750,000 settlement, as a result of an employee downloading an email attachment that contained malicious malware. The feds concluded that electronic Protected Health Information (e-PHI) was comprised due to the lack of a proper risk assessment and risk mitigation.

With federal audits set to begin in 2016, and with uniform reporting rules for meaningful use of electronic records recently announced, are you ready?

MyHIPAAGuide.com can help. MyHIPAAGuide.com is a news and information service offering:

  • News updates on HIPAA rules;

  • Forum boards, where you can compare notes on HIPAA compliance and share experiences – good or bad – different kinds of software and equipment;

  • A catalog of 40+ carefully-picked federal government resources, including tutorials, templates and how-to videos, organized around a 10-step compliance plan published by the U.S. Department of Health and Human Services.

The 10-step plan, available for public viewing on MyHIPAAGuide.com, organizes compliance around an easy checklist of things you need to do. For example, if you are still using old Patient Privacy Notices, it is likely you will need to upgrade to new consent notices designed to achieve what is called “meaningful consent.” You’ll also want to make sure your Business Associate Agreements (BAAs) are in place, and updated to reflect security precautions for ePHI.

Resources available on MyHIPAAGuide.com include:

  • Patient Privacy Notices to help achieve meaningful consent, available both in English and Spanish

  • Short videos that capture the essence of a risk assessment

  • Self-evaluation tools to help guide organizations large and small

  • Sample provisions for Business Associate Agreements (BAA)

  • Guides that address specific issues, such as recommendations for safely reporting patient test results

  • Risk analysis tools, with both Windows and iPad versions

  • Patient education

MyHIPAA Guide helps HIPAA-covered organizations prepare for financial incentives from Medicare and Medicaid — and avoid penalties.

Questions? Contact Diane Evans at [email protected]

MyHIPAAGuide.com is published by M.E.D. Media Mart LLC, based in Akron, Ohio.

myhipaa guide

Upcoming Webinars

[add_eventon_list hide_month_headers="no" hide_empty_months="yes" event_order="ASC" number_of_months="3" ]

New Social Media Course

MyHIPAA Guide is offering a new social media course that will help you protect your organization from potential privacy violations that result from social media

Read More »

Upcoming Events

10 Steps to Compliance