We used to ask the question, “What has changed for your business in healthcare this year?” but the better question today might be, “What hasn’t changed?” With EHR system upgrades/implementation, policy cancellations, continuing IT problems, and data security worries (along with IT functionality), we are constantly being reminded why new HIPAA rules, regulations, and compliance requirements are important to establishing the best PHI and ePHI protection and security. How important, you say? Very.
Here are 8 reasons that explain why:
Reason #1: The HITECH Act and HIPAA Omnibus Rule have drastically increased civil penalties for non-compliance (and yes, any healthcare practice can be audited) from $25K to $1.5M a year PER VIOLATION!
Reason #2: New Breach Notification rules will increase the number of HIPAA violations determined to be breaches due to the expanded definition of a breach from the Omnibus Rule.
Reason #3: All covered entities must have documented policies and procedures regarding HIPAA compliance. Documentation is a very important part of HIPAA, and if you haven’t heard, you should document everything!
Reason #4: Business Associates must be compliant with HIPAA Privacy and Security Rules. The covered entity must ensure its BAs are compliant as well.
Reason #5: While some incentive programs are optional for EHRs, HIPAA compliance is not!
Reason #6: The Department of Health and Human Services (HHS) Office of Civil Rights (OCR) is constantly expanding its privacy and security enforcement teams for HIPAA compliance activities. Scared yet?
Reason #7: HIPAA compliance requires staff privacy and security training on a regular basis.
Reason #8: Protecting your practice means avoiding the HIPAA “Wall of Shame,” which is the list of healthcare organizations reporting major breaches and receiving penalties. This list is growing every year and yes, the details are available to the public!
Through the Kentucky Regional Health Information Organization (KRHIO), we are presenting a HIPAA Security training program for training compliance. Check it out and see what we have to offer. Be scared no more!