HIPAA

The Health Insurance Portability and Accountability Act of 1996


The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a federal law that requires the creation of national standards to protect sensitive patient health information.

To comply with HIPAA regulations, all covered entities must ensure the confidentiality, integrity, and safety of all electronic protected health information (ePHI).

The following individuals and organizations are subject to the Privacy Rule and are considered covered entities: healthcare providers, health plans, healthcare clearinghouses, and business associates.

Backup procedures for EMR

• Data Backup Plan

• Data is housed in a separate location in case of disaster

Annual Risk Analysis

• Periodic risk assessment and analysis with logs

Workforce Security

• Unique User Policy, Emergency Access Procedure and other important security safeguards

Information Systems

• Information system security policy and control

• Electronic data breach protection and procedures for responding to hacking incidents

Device and Media Controls

• Electronic media use policy

• Data backup and storage procedures and data loss prevention

Cybersecurity Report Shows 320% Increase In Hacking Attacks


How We Can Help

We have years of experience with the Health Insurance Portability and Accountability Act of 1996 (HIPAA). Over the years, we have conducted many HIPAA audits for our clients. Audits consist of policy and technical audits to ensure systems comply with HIPAA guidelines and procedures.


Fines and Penalties

HIPAA violations carry fines ranging from $100 to $250,000, depending on various factors; in some cases, jail time is possible. Penalties fall into two categories: civil and criminal. Civil penalties apply to violations that are not intentional. Criminal violations are usually deliberate and carry higher penalties and possible jail time.


CIVIL PENALTIES

  • $100 to $50,000 when a violation is attributed to ignorance
  • $1,000 to $50,000 when a violation occurs despite reasonable vigilance
  • $10,000 to $50,000 when a violation is attributed to willful neglect but is corrected within 30 days
  • $50,000 (maximum fine per violation) when a violation occurs due to willful neglect and is not corrected within 30 days

CRIMINAL PENALTIES

  • $50,000 plus up to one year of jail time when someone knowingly discloses PHI
  • $100,000 plus up to five years of jail time if a violation occurs under false pretenses
  • $250,000 plus up to 10 years of jail time if a violation is committed for personal gain (e.g. selling PHI)


Contact Us!

Office

LA PC Center / 303 N Glenoaks Blvd, Suite 200 Burbank, CA 91502

Hours

M-F: 8am – 6pm
S-S: Closed

Call Us

(818) 945-0908