Virtually all individuals and business are impacted in some way by the Health Insurance Portability and Accountability Act (HIPAA), whether as healthcare consumers, technology developers, or providers of health services. HIPAA is most known for its privacy regulations and compliance is an important part of every provider’s risk management.
Complaints Growing Exponentially
A recent HIPAA report reveals that complaints through May of this year are up over 45 percent from the same period last year. Moreover, last year’s complaints were already up from previous years. Commentators expect the rate to continue to increase throughout the rest of the year.
Additional regulations, changes in technology, and increased consumer awareness of HIPAA regulations are a few of the reasons cited for the continually increasing complaints. Regardless of the reason for the increase, it means that healthcare providers are placed in a higher risk position. HIPAA violations are no joke, and can result in high financial penalties for offenders. For example, Parkview Healthcare, based in Indiana, recently agreed to an $800,000 settlement for violations from 2009.
New Leadership at HHS
At the same time as complaints are on the rise, a change in leadership is occurring at the Department of Health and Human Services’ Office of Civil Rights (OCR). Leon Rodriguez, who had served as Director of OCR and the top HIPAA privacy rules enforcer, has resigned to accept a governmental post with a different agency. Stepping into his role will be Jocelyn Samuels, who is currently an assistant attorney general with the Department of Justice. It will be a few weeks until Samuels can complete the transition and in that time the post will be vacant.
Managing the high, growing volume of HIPAA complaints with existing human and financial resources is anticipated to be Samuels’ biggest challenge. How she will handle this challenge and what policy changes and new directions she may bring remains to be seen.
Technology and Compliance
The move towards integrated electronic medical records is generally viewed as a positive one for patient care. It helps doctors quickly coordinate and share information with one another as well as to more easily organize and track care provided to a patient. Software and app developers have been big winners in this move.
However, technology brings with it additional security risks and HIPAA compliance concerns. A recent article highlighted the risk faced by application developers, some of whom are unfamiliar with HIPAA, and some tips to ensure compliance. It is not just the application and software developers who encounter a risk; medical care providers using these technologies are also at increased risk. Providers must be familiar with data security rules and just as importantly should be adequately trained on how to use programs and applications. Effective training reduces the risk of accidental disclosure.
Compliance is Crucial
More than ever, it is imperative that healthcare providers maintain a working knowledge of HIPAA and take steps to ensure compliance. Hiring a healthcare attorney from Whitcomb, Selinsky Law, P.C. can help your office develop procedures and policies to maintain compliance and reduce your risk of liability. Pleaes call (303) 534-1958 or complete an online contact form.