HIPAA Privacy and Security standards must be addressed by a series of policies and procedures that work throughout your entire practice, according to federal regulation. These policies and procedures form the basis of an effective compliance program: all activities involving the use, storage, and distribution of protected health information (PHI) are governed by these regulatory standards.
Understanding HIPAA security standards is an important element in becoming HIPAA compliant. HIPAA regulation mandates that covered entities, such as physicians, insurance companies, and health care clearinghouses, implement an effective compliance program that addresses the full spectrum of security standards to safeguard patient health data.
The March 1st HIPAA Breach Report Deadline is fast approaching. The HIPAA Breach Notification Rule requires health care providers to report breaches of unsecured protected health information (PHI) within 60 days from the end of the calendar year to the Department of Health and Human Services (HHS) Office for Civil Rights (OCR).
Presence Health is one of Illinois’ major healthcare networks. Presence operates physicians’ offices and health care centers and offers home care, hospice care, and behavioral health services, as well.
Historically, medical specialists working in behavioral health services have been largely spared from large-scale HIPAA enforcement fines. But this fine suggests a growing trend in HIPAA enforcement: settlements are quickly moving away from traditional enforcement, into more niche health care sectors.
Last week, the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced its first HIPAA settlement of 2017 with Presence Health for $475,000. This is the first fine in the history of HIPAA enforcement levied for a failure to notify over 800 patients of a breach of unsecured protected health information (PHI) in accordance with the standards of the HIPAA Breach Notification Rule. PHI includes any health data containing identifiable information like dates of birth, names, addresses, etc.
HIPAA, HITECH, Omnibus, PCI regulations – these are words that can strike fear into the heart of any Behavioral Health organization. They don’t need to, as we found after speaking with our guest today on Mental Health News Radio. We sat down with Marc Haskelson, the President and CEO of Compliancy Group, to find out how easy compliance can be.
Complimentary Webinars on Compliancy in Behavioral Health
Please join us by registering here.