Avoid Financial Sanctions with the Proper HIPAA/HITECH Compliance Plan | Merit Career Development Blog

Avoid Financial Sanctions with the Proper HIPAA/HITECH Compliance Plan

Doctors Studying Data on Computer The Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the Health Information Technology for Economic and Clinical Health Act of 2009 (HITECH) as amended by the HIPAA Omnibus Rule in 2013 define the regulations for the private and secure management of health information. Covered entities and business associates that neglect adhering to these regulations can face rigid sanctions from a multitude of agencies, including the U.S. Department of Health and Human Services (HHS), its Office for Civil Rights (OCR), the Federal Trade Commission and state Attorneys General.

Each regulatory agency can impose fines against covered entities and business associates that fail to document, investigate and remedy HIPAA and HITECH violations. Without the proper compliance planning, covered entities and business associates can be slammed with heavy financial penalties and regulatory oversight, as happened to Cignet Health of Prince George's County in Maryland.

Learning from the Past

According to Healthcare ITNews, Cignet denied 41 patients access to their medical between September 2008 and October 2009, a right guaranteed by the HIPAA Privacy Rule. Cignet further failed to cooperate with OCR's investigation of the patients' complaints and with HHS' subpoena for the records, which was enforced by the District Court.

The court levied a $1.3 million fine against Cignet for failing to grant access to the patients' records, and an additional $3 million for willful neglect of the HIPAA Privacy regulations.

The time for proper HIPAA and HITECH compliance planning is now.

Training Modules Available

"HIPAA and HITECH, Pathway to Compliance" is a four-part do-it-yourself instructional series that guides its users in drafting a HIPAA/HITECH Compliance Plan. Each part provides regulatory information and resources necessary to build a customized plan. Documentation developed in this series can be used when faced with OCR investigations and/or audits to demonstrate compliance efforts.

In this series, Patricia Wynne, Esq., CIPP, a seasoned HIPAA/HITECH subject matter expert familiar with the day-to-day challenges of compliance, presents guidelines for drafting a Compliance Plan that are easy to understand and practical to implement - not bogged in technical jargon. Each course is one hour in length and includes case studies and questions to enhance learning, as well as resources that can be downloaded and used in the compliance planning process. Now is the time to build your HIPAA/HITECH Compliance Plan with the professional insight of Merit Career Development.

HIPAA and HITECH, Pathway to Compliance on Udemy
Click here to access Part 1: Policies & Procedures
Click here to access Part 2: Complaints & Breaches
Click here to access Part 3: Assessments & Risk Analysis
Click here to access Part 4: Workforce Training

HIPAA and HITECH, Pathway to Compliance on Arbington
Click here to access Part 1: Policies & Procedures
Click here to access Part 2: Complaints & Breaches
Click here to access Part 3: Assessments & Risk Analysis
Click here to access Part 4: Workforce Training

Trackbacks

Trackback specific URI for this entryTrackback URL

Comments

Add Comment

Enclosing asterisks marks text as bold (*word*), underscore are made via _word_.
Standard emoticons like :-) and ;-) are converted to images.
E-Mail addresses will not be displayed and will only be used for E-Mail notifications.

To prevent automated Bots from commentspamming, please enter the string you see in the image below in the appropriate input box. Your comment will only be submitted if the strings match. Please ensure that your browser supports and accepts cookies, or your comment cannot be verified correctly.
CAPTCHA

BBCode format allowed