We use cookies to give you the best online experience. By using our website you agree to our use of cookies in accordance with our cookie policy.

croom new

Preferred Blog

Preferred has been serving the Tinley Park area since 1991, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Medical IT: How Is HITECH Doing?

Medical IT: How Is HITECH Doing?

Compliance laws regarding the storage and dispersion of healthcare records were implemented with the intended purpose of urging healthcare providers to better take care of their patients’ personal information, but how effective are they? Unfortunately, there are many providers that have failed to meet the standards for the HIPAA and HITECH compliance laws, and it has brought a hefty price tag along with it.

In 2016, the Office for Civil Rights (OCR) and the Department of Health investigated several data breaches that led to a considerable sum being claimed in response to violations of these compliance laws. In what totaled to 12 settlements following the investigations of data breaches caused by failure to comply with these laws, as well as one monetary civil penalty, these claims amounted to approximately $25,505,300 in fines.

Compare this to the more recent data. In 2017, there were only nine HIPAA settlements that produced a total of $19,393,000, as well as a single monetary civil penalty paid, a considerably smaller sum than the previous year. Clearly something is working here, but what is it? Perhaps it’s the fear that being negligent with important data could mean a large sum raining down on the heads of those who fail to adhere to these laws.

What’s even more interesting are the types of violations that led to these penalties. While the majority of these involve a failure to protect protected health information, or PHI, and its digital counterpart electronic protected health information (ePHI), there are a couple of outliers that are interesting to look at. Here are some of them:

  • Insufficient ePHI access control
  • Impermissible disclosure of ePHI
  • Careless handling of PHI
  • Multiple HIPAA violations
  • Delayed breach notifications
  • Lack of security management process
  • Lack of a business associate agreement

The majority of the issues revolving around HIPAA and HITECH compliance come from an inability to secure mobile devices, failure to implement proper security processes, and delaying breach notifications for far too long.

As for HITECH specifically, a recent lawsuit was filed in federal court against 60 hospitals over alleged failure to adhere to the HITECH Act. Specifically, these hospitals failed to adequately provide records and documentation for 50% of their patients within three business days of the request. This is one of the specific requirements for securing funding through the HITECH Act, so you can understand that this was quite a big red flag for government.

Consequently, these 60 hospitals from the state of Indiana now face charges totaling over $1 billion for failure to provide records as required, despite receiving the incentive payments totaling around $324 million. Additionally, these hospitals face claims that they violated the Anti-Kickback Statute and the False Claims Act for claiming that they were HITECH-compliant, when in reality they failed to meet the requirements of the regulation.

Not all practices fail to adhere to HIPAA and HITECH, though. Is your practice one of them? Answer with confidence today by reaching out to Preferred at 708-781-7110.

How to Best Utilize a Physical Backup
WARNING: A New Zero-Day Threat is On the Loose
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Sunday, December 22 2024

Captcha Image

Sign Up for Our Newsletter

  • First Name *
  • Last Name *

      Latest Blog Entry

      Stuff happens, and this stuff can often be bad. That’s an inescapable part of life, especially if you’re trying to run a successful business. That said, the consequences of this bad stuff can usually be minimized—if not mitigated entirely—when you have a proper disaster reco...

      Latest News

      Best Places to Work - 5 YEARS STRONG!!

      Preferred is once again, honored for being a Best Place to Work for the fifth straight year!  Our team is what makes Preferred a Best Place to Work.  

      Daily Herald Suburban Business 2024 Best Places to Work Honorees The Daily Herald Suburban Business has announced the names of 51 companies, in 5 categories of competition, that are honored as the 2024 Best Places to Work in Illinois. This statewide survey and awards program was designed to identify, recognize and honor the best places of employment in Illinois, benefiting the state's economy, its workforce and businesses.