The HIPAA privacy & security rule requires covered entities, including health care providers and health plans, and their business associates to conduct an accurate and thorough assessment of the potential risks and vulnerabilities to the confidentiality, integrity and availability of ePHI held by the covered entity or business associate. Many compliance plans require this assessment on an annual or periodic basis. If it has been more than a year since your organization conducted a HIPAA risk assessment, a review of recent enforcement activity by the office for civil rights (OCR) indicates that now may be the time to do so.
OCR issued several new guidance documents and launched phase 2 of its HIPAA audit program. It has announced a new initiative to more widely investigate breaches of PHI. According to its website, Office for Civil Rights entered into 12 settlement agreements with health care providers, plans and business associates for breach of the HIPAA privacy and security rules in 2016. OCR levied $23.51 million in fines for HIPAA violations in 2016. However, it has levied only $6.19 million in 2015 and $7.94 million in 2014. Unending the trend, OCR has already exceeded its 2014 and 2015 totals in the first two months of 2017, including the second largest fine to date, resulting in civil money penalties totaling $11.375 million so far this year.
Telegenisys recently announced that its operations have been audited for and received certifications for ISO 9001:2015 and ISO 27001:2005 and HIPAA compliance and is committed to securing client data to the highest standards (HIPAA risk assessment). Know more
Telegenisys Inc.completes third party HIPAA procedures audit successfully. Telegenisys has been auditing and doing data input for over 45,000 life insurance cases per month for the last 6 years.We have implemented strict privacy compliance for personal health information of applicants. To ensure compliance Telegenisys hires an audit firm every year…
When it comes to maintaining HIPAA compliance, both healthcare providers and their chosen third-party vendors – or business associates – need to work together for comprehensive and current health data security. According to Tim Feldman, Vice President and General Manager of Healthcare Compliance & Reimbursement at Wolters Kluwer Legal &…
Covered entities and business associates should be well-aware of the OCR HIPAA audit program, particularly when Phase 2 has already been in place for several months now. More organizations are electing for cloud computing options, and may even start to implement wearable devices, in addition to other connected devices (i.e.…