HHS Puts Industry on Notice: OCR is Serious About HIPAA Enforcement

Posted by Jason Greis on March 2, 2011 under Articles | Be the First to Comment

On Feb. 22, 2011, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced that it had issued a civil money penalty (CMP) of $4.3 million against Cignet Health of Prince George’s County, MD., the first imposition of a CMP by OCR for a violation of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule. Two days later, HHS announced that General Hospital Corporation and Massachusetts General Physicians Organization, Inc., collectively referred to as Mass General, agreed to pay $1 million to settle potential violations of the HIPAA Privacy Rule. Read More...

LTACH Medical Director and Medical Center Employees Receive Fines and Probation for HIPAA Violations

Posted by Jason Greis on December 5, 2009 under Articles | Be the First to Comment

In October 2009, a Federal judge in Arkansas sentenced the medical director of an Arkansas hospital-within-hospital LTACH and an account representative and emergency unit coordinator of the host hospital to fines and probation for violating the Health Insurance Portability and Accountability Act (“HIPAA”) by unlawfully viewing a high profile patient’s electronic medical records.  (U.S. v. Holland, E.D. Ark., No. 09-cr-168, sentencing Oct. 26, 2009; U.S. v. Griffin, E.D. Ark., No. 09-cr-169, sentencing Oct. 26, 09; U.S. v. Miller, E.D. Ark., No. 09-cr-170, sentencing Oct. 26, 2009).  Read More...

Stimulus Legislation Expands Privacy Regulation for Health Care Businesses

Posted by Jason Greis on March 2, 2009 under Articles | Be the First to Comment

Health care providers and any businesses that provide information technology services for them will be subject to much greater regulation of their information security practices as a result of a major component of the recent economic stimulus legislation. Known as the Health Information Technology for Economic and Clinical Health Act (or the “HITECH Act”), this portion of the federal economic stimulus package is the most expansive modification to the federal privacy and security rules for health-related businesses since the 1996 enactment of HIPAA. Read More...