As we’ve entered a new year, it’s a good time to reflect on some of the larger HIPAA settlements from 2019 to remind us how crucial it is to stay in compliance with this federal law.
Background
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) was enacted to improve the efficiency and effectiveness of the health care system in the United States. HIPAA required the Department of Health and Human Services (HHS) to develop various privacy and security regulations of certain health information. Thereafter, HHS published the HIPAA Privacy, Security, and Breach Notification Rules (HIPAA Rules).
The Privacy Rule established the national standards that protect the privacy of individually identifiable health information, and the Security Rule created security standards of certain health information held or transferred in electronic form. In case of a breach of unsecured protected health information, the Breach Notification Rule governs the notification process to various individuals and entities.
2019 Settlements
Within HHS, the Office for Civil Rights (OCR) enforces the HIPAA Rules through compliance reviews and investigations. Below is a list of HIPAA settlements of potential violations of the HIPAA Rules between various entities and the OCR for 2019. Not only can these settlements be costly, they are also made public. The OCR publishes these settlements through news releases and HHS maintains a list of breaches of unsecured protected health information affecting 500 or more individuals.
Now more than ever, Covered Entities subject to HIPAA must continue to strictly comply with these rules to avoid costly outcomes. ComplianceDashboard offers tools to help these entities navigate through the strict requirements of HIPAA to stay in compliance.
The information and content contained in this blog post are for general informational purposes only, and does not, and is not intended to, constitute legal advice.