Tuesday, 23 January 2018 11:54

2017 HIPAA Cases: Here's the message Featured

Written by

At the start of each new year, it is always good to look back at federal settlements under the Health Insurance Portability and Accountability Act (HIPAA).  That is how you know matters most to the Feds in terms of privacy enforcement.

From 2017,  here is a short list of key messages:

  • It’s your job to understand HIPAA requirements.
  • Execute Business Associate Agreements with vendors and independent contractors with potential access to private health information.
  • Don’t rest easy because you have security policies; you also need to manage security processes for daily vigilance.
  • If you do experience a breach, report to the Feds in a timely manner.
  • Be sure to monitor activity on your databases.

Now let’s take these one by one, with examples illustrating each point.

Understanding HIPAA requirements:

In a case involving CardioNet, a provider of remote mobile monitoring of heart patients, the Feds said that a lack of understanding of HIPAA creates risk.  CardioNet paid the cost of such ignorance in a $2.5 million settlement, stemming from a laptop stolen from an employee’s vehicle, and containing private health information.  Read the Press Release.

  • Business Associate Agreements:

In April, the Feds put out a news alert with the headline, No Business Associate Agreement? $31K Mistake.

It’s was as if to say “Gotcha”  -- albeit in a small settlement by HIPAA standards.  The case involved a children’s digestive health center.  As the Feds were investigating one of the center’s Business Associates, they discovered the absence of a Business Associate agreement, which was the health center’s responsibility to execute. Read the Resolution Agreement and Corrective Action Plan - PDF.

  • Security management:

In a case involving unauthorized access to health information,  Memorial Healthcare System (MHS) paid the Feds $5.5 million to settle potential violations.  Private health information had been impermissibly accessed and disclosed through login credentials of a former employee of an affiliated physician’s office.  For a year’s time, the unauthorized access took place on a daily basis -- and without detection due to a failure to monitor of database activity.  Read the Resolution Agreement.

  • Timely breach response:

A case involving Children’s Medical Center of Dallas (Children’s) stemmed from impermissible disclosure of unsecured, electronic health information and non-compliance with HIPAA standards over many years, according to the Feds. The Feds issued a notice to Children’s, which included instructions for how Children’s could file a request for a hearing. Children’s did not request a hearing. Children’s paid a civil penalty of $3.2 million, and the Feds called out the issue of timely response. Read the Press Release.

  • Monitor databases:

This is essential to HIPAA compliance.  In a case resulting in a $2.3 million settlement,  the Federal Bureau of Investigation (FBI) notified  21st Century Oncology, Inc. (21CO)

on two separate occasions that patient information was illegally obtained by an unauthorized third party.  Evidence included 21CO patient files purchased by an FBI informant. Among other things, the Feds determined that 21CO failed to implement procedures to regularly review records of information system activity, such as audit logs, access reports, and security incident tracking reports. Read the News Release.

The vast majority of HIPAA cases are resolved through corrective action plans that the Feds monitor.  While that means no fine, you'll still have the Feds hovering over you for a while.

Read 267 times Last modified on Friday, 02 February 2018 13:52


  • Comment Link adidas tubular x Friday, 04 May 2018 03:20 posted by adidas tubular x

    My spouse and i have been quite peaceful Jordan could conclude his investigation from the ideas he gained through your web pages. It's not at all simplistic to simply possibly be giving out tips and hints which usually some people have been making money from. Therefore we consider we now have the blog owner to give thanks to for this. Most of the illustrations you made, the easy site navigation, the relationships your site aid to foster - it is most terrific, and it's assisting our son in addition to us do think the article is enjoyable, and that is quite serious. Thanks for all the pieces!

  • Comment Link burberry outlet online Thursday, 03 May 2018 07:44 posted by burberry outlet online

    I precisely wished to thank you very much all over again. I'm not certain the things that I could possibly have accomplished without the entire information documented by you directly on my situation. It absolutely was a real fearsome condition in my view, nevertheless finding out a new specialised form you resolved the issue made me to weep over gladness. I am just happy for this advice as well as hope you recognize what a great job you are always carrying out teaching most people thru a blog. I am certain you have never met all of us.

  • Comment Link air jordan shoes Wednesday, 02 May 2018 04:03 posted by air jordan shoes

    I am glad for commenting to let you be aware of what a superb experience my friend's daughter obtained browsing your web site. She discovered many details, including how it is like to have a very effective giving style to make the others very easily know precisely specific grueling things. You actually exceeded our own expected results. I appreciate you for displaying such necessary, trustworthy, educational and even easy thoughts on the topic to Tanya.

  • Comment Link yeezy boost 350 Tuesday, 01 May 2018 01:43 posted by yeezy boost 350

    I precisely had to thank you so much once again. I do not know the things I could possibly have taken care of in the absence of the actual solutions contributed by you over such a industry. It became an absolute traumatic concern in my circumstances, nevertheless being able to see the specialised mode you processed that took me to cry over fulfillment. I'm just happy for this help as well as have high hopes you know what an amazing job you are accomplishing instructing the mediocre ones using your webpage. I know that you haven't come across all of us.

  • Comment Link kobe basketball shoes Monday, 30 April 2018 00:33 posted by kobe basketball shoes

    I definitely wanted to jot down a small word to thank you for those amazing tips you are sharing at this site. My prolonged internet look up has at the end been recognized with really good concept to exchange with my friends and classmates. I would mention that many of us readers are undeniably endowed to be in a fantastic network with many outstanding individuals with beneficial opinions. I feel extremely fortunate to have come across your web pages and look forward to so many more entertaining moments reading here. Thank you once again for everything.

  • Comment Link yeezy sneakers Sunday, 29 April 2018 07:36 posted by yeezy sneakers

    I have to express some appreciation to this writer for rescuing me from this type of situation. As a result of surfing around throughout the the web and getting advice which are not powerful, I figured my life was done. Being alive minus the approaches to the issues you've sorted out through your entire write-up is a crucial case, as well as those which could have badly damaged my career if I hadn't encountered your web site. Your actual skills and kindness in taking care of every aspect was precious. I'm not sure what I would have done if I had not come across such a subject like this. I am able to at this point look ahead to my future. Thanks for your time very much for the specialized and effective help. I won't hesitate to refer your site to any individual who would like guide about this subject.

  • Comment Link nike roshe one Saturday, 28 April 2018 08:32 posted by nike roshe one

    I am just writing to let you understand of the really good experience my cousin's princess went through going through your web site. She came to find a lot of things, including how it is like to have a very effective giving mindset to make others really easily have an understanding of specified impossible subject areas. You undoubtedly did more than people's desires. Many thanks for providing those productive, healthy, informative and also easy thoughts on your topic to Emily.

  • Comment Link Adidas NMD XR1 White Red Saturday, 28 April 2018 02:16 posted by Adidas NMD XR1 White Red

    I and also my guys were found to be reviewing the great advice on your web blog and the sudden developed a horrible feeling I never thanked the website owner for those tips. Most of the ladies became totally glad to read through them and already have undoubtedly been loving them. I appreciate you for genuinely considerably kind and also for getting this kind of quality issues millions of individuals are really wanting to understand about. My honest apologies for not expressing appreciation to you sooner.

  • Comment Link paul george shoes Friday, 27 April 2018 13:12 posted by paul george shoes

    I want to convey my passion for your kindness supporting men and women who need guidance on this important issue. Your very own dedication to getting the message along has been wonderfully powerful and have constantly allowed women just like me to arrive at their desired goals. Your useful tutorial implies this much a person like me and especially to my peers. With thanks; from each one of us.

  • Comment Link Michael Kors Logo Signature Large Grey Wallets Thursday, 26 April 2018 20:34 posted by Michael Kors Logo Signature Large Grey Wallets

    Thank you so much for giving everyone such a terrific possiblity to discover important secrets from this website. It can be so useful and full of amusement for me personally and my office fellow workers to visit your website at least thrice per week to find out the new tips you have. And lastly, I am certainly satisfied with the powerful points you give. Some 3 ideas in this article are completely the most suitable we have had.

Leave a comment

Make sure you enter all the required information, indicated by an asterisk (*). HTML code is not allowed.

10 Step HIPAA Plan

  • Step 1: Confirm you are a covered entity +

    What's Inside:
    Lists of who is generally covered and who is not, plus contact for inquiries.
  • Step 2: Provide leadership +

    What's Inside:
    • 7-page HIPAA basics
    • 62-page guide to security and privacy of ePHI
    • Compliance Charter Template
  • Step 3: Document processes, findings, and actions +

    What's Inside:
    Templates for Security Policies and Procedures
  • Step 4: Conduct a security risk analysis +

    What's Inside:
    • Guides
    • Short videos
    • Interactive quizzes on risk assessment and contingency preparation
    • 10 common myths

    Interactive tutorial – 156 questions with fill-able PDFs for Windows or iPad. All material from federal sources.
  • Step 5: Develop an action plan +

    What's Inside:
    • 11-page overview on ePHI for small practices
    • 4-page Q&A addresses email with patients
    • Checklists

    Toolkit on 45 implementation specifications
  • Step 6: Manage and mitigate risks +

    What's Inside:
    • Overview of expectations
    • Annual Work Plan Template
  • Step 7: Prevent breaches +

    What's Inside:
    • Form for reporting brief notification
    • Links to details on the notification process and what constitutes a breach.
    • Suite of Training Materials
  • Step 8: Communicate with patients +

    What's Inside:
    FOR ALL:
    Privacy notice templates to help achieve meaningful consent, in English & Spanish.

    Professionals' guide covering 2013 updates on communications.

    Electronic toolkit with patient education and meaningful consent sample materials.
  • Step 9: Update or execute Business Associate Agreements (BAAs) +

    What's Inside:
    • Sample Business Associate Agreement (BAA) provisions
    • Suite of BA Management Tools
  • Step 10: Attest to Compliance with Security Objectives +

    What's Inside:
    • Tip sheets
    • Short videos
    • Overviews

    • 94-page guide on the EHR incentive program
    • Beginners' toolkit on reporting to the government

    All from federal sources.
  • 1


Member Access