A large HIPAA breach settlement after a hospital system’s alleged failure to follow the feds’ suggested solution is a reminder that when it comes to enforcement, the government is holding all the cards.
While the Privacy Rule applies to various types of health information, the Security Rule only applies to electronic protected health information (ePHI). The major goal of the Security Rule is to ensure proper safeguards are in place for the storing, maintaining, and transmission of ePHI.
With 2020 underway, it’s a good time for facilities to review the standards set forth by the rules that define HIPAA regulations. Without a thorough understanding throughout an organization, it can be easy for violations to occur.
The Office for Civil Rights (OCR) reached a settlement with Korunda Medical LLC, a Florida-based company, on December 11 for a potential violation of the HIPAA Privacy Rule’s right-of-access provision.
When voluntary disclosure for overpayments is an option rather than an obligation, the provider may encounter diverse opinions among its decision-makers. Some may express a desire to bring the potential problem to the attention of the government and attempt to resolve the matter quickly without incurring criminal penalties, civil fines, or exclusions.
