ClevX™, an intellectual property (IP) development and licensing company in Kirkland, WA, manufactures a secure USB flash drive called LokIt Secure Flash Drive®. It significantly limits risks related to loss or theft.
Test your knowledge of HIPAA: Is it permissible to leave voice messages on patients' home or work phones reminding them of appointments? Is it okay to use stickers on the outside of a patient's chart to remind us of his or her payer source? I need to take copies of documents home to finish up my clinical notes. Is this a violation of HIPAA?
The company, based in Prince George's County, MD, got hit in February with OCR's first civil money penalty for violations of the HIPAA Privacy Rule-a $4.3 million tab that included $3 million for failing to cooperate with the agency's investigation. OCR determined Cignet acted with "willful neglect" and did not take action to correct the violations, which allowed the agency to impose the highest level of fines based on its tiered penalty structure.
When President Obama signed into law the HITECH Act as part of ARRA in February 2009, it meant a bevy of changes to the existing HIPAA Privacy, Security, and Enforcement Rules.
HHS' OCR in February began using the new fine structure mandated by HITECH and handed one of the country's most prestigious hospitals, Massachusetts General Hospital (MGH) in Boston, a $1 million penalty for a breach violation.