THE LEGAL EAGLE JUNE 2016 POWERED BY: THE LEGAL TEAM Issue 2
KEEP YOUR EYE ON PHI IN THIS ISSUE
Did you know?
If an individual did not know (and by exercising
reasonable diligence would not have known) that
he/she violated HIPAA, it carries a minimum penalty
of $100 per violation with an annual maximum of
$25,000 for repeat violations and a maximum
penalty of $50,000 per violation with an annual
maximum of $1.5 million.
If there is a HIPAA violation due to reasonable cause
and not due to willful neglect, it carries a minimum
penalty of $1,000 per violation with an annual
maximum of $100,000 for repeat violators and a
maximum penalty of $50,000 per violation with an
annual maximum of $1.5 million.
If there is a HIPAA violation due to willful neglect but
the violation is corrected within the required time
period, there is a minimum penalty of $10,000 per
violation with an annual maximum of $250,000 for
repeat violations and a maximum penalty of
$50,000 per violation with an annual maximum of
$1.5 million.
If there is a HIPAA violation due to willful neglect,
and it is not corrected, there is a minimum penalty
of $50,000 per violation with an annual maximum of
$1.5 million and a maximum penalty of $50,000 per
violation with an annual maximum of $1.5 million.
Criminal Penalties
In June 2005, the U.S. Department of Justice (DOJ)
clarified who can be held criminally liable under
HIPAA. Covered entities and specified individuals, as
explained below, who "knowingly" obtain or disclose
individually identifiable health information in
violation of the Administrative Simplification
Regulations face a fine of up to $50,000, as well as
imprisonment up to one year. Offenses committed
under false pretenses allow penalties to be increased
to a $100,000 fine, with up to five years in prison.
Finally, offenses committed with the intent to sell,
transfer, or use individually identifiable health
information for commercial advantage, personal
gain or malicious harm permit fines of $250,000, and
imprisonment for up to ten years.
Knowingly
The DOJ interpreted the "knowingly" element of the
HIPAA statute for criminal liability as requiring only
knowledge of the actions that constitute an offense.
Specific knowledge of an action being in violation of
the HIPAA statute is not required.
Source: http://www.ama-assn.org/ama/pub/physician-resources/solutions-managing-your-practice/coding-billing-insurance/hipaahealth-insurance-portability-accountability-act/hipaa-violations-enforcement.page?
Don’t land in HIPAA Jail!
The U.S. Department of Health and Human Services
maintains a list of HIPAA Violators:
https://ocrportal.hhs.gov/ocr/breach/breach_report.jsf
I commit to:
• Proofread my work
• Be aware
• Be attentive
• Be observant
• Stop and double check the intended recipient of any email before sending
HIPAA Violations and Enforcement
Name: Sierra Smith
Title: Senior Hospice
Account Manager
Legal Eagle Q&A with the First
Inductee into the
HIPAA Hall of Fame
How long have you been with
ProCare?
5 years and 6 months.
QT or RaceTrac?
QT
If you could be any flavor of ice
cream, what would you be & why?
Chocolate with Pecans; I
love that flavor, and I am a
bit nutty!
Facebook or Twitter?
NEITHER!
Braves or Falcons?
BOTH!
Favorite Inspirational quote?
I have a few… not sure which
one to choose:
“And we know that all things
work together for good to them
that love God, to them who are
called according to his purpose.”
Romans 8:28
“When life knocks you down to
your knees, know that you’re in
the perfect position to pray.”
“One day your life will flash
before your eyes. Make sure it’s
worth watching...”
HIPAA Hero:
Do you have a co-worker who
consistently demonstrates
compliance, attention to detail,
precision and dedication to HIPAA?
Nominate them to be featured in
next month’s newsletter as the
HIPAA Hero! Submissions can be sent
to estewart@procarerx.com
OUR FIRST HIPAA
Hero:
MEET SIERRA SMITH
Leonard’s Legal Language Lesson
Would business associate contracts in electronic form, with an electronic signature, satisfy
the HIPAA Privacy Rule's business associate contract requirements?
Yes, assuming that the electronic contract satisfies the applicable requirements of State contract law. The
Privacy Rule generally allows for electronic documents, including business associate contracts, to qualify as
written documents for purposes of meeting the Rule’s requirements.
However, currently, no standards exist under HIPAA for electronic signatures. In the absence of specific
standards, covered entities must ensure any electronic signature used will result in a legally binding contract
under applicable State or other law.
Source: http://www.hhs.gov/hipaa/for-professionals/faq/247/are-business-associate-contracts-in-electronic-form-acceptable/index.html
LEONARD’S VOCABULARY CROSSWORD:
