2. Violation of HIPAA
Over 120 UCLA staff saw a celebrity's medical
records and personal information.
The California Department of Public Health also
said three staffers at the UCLA Medical Center
continued to look at the confidential records of a
"well-known individual" after a crackdown on
record-peeking.
3. HIPAA
HIPAA, the Health Insurance Portability and
Accountability Act of 1996, is intended to protect the privacy
and confidentiality of patients' medical information.
HIPAA outlines specific situations in which a covered
entity is permitted to disclose personal health
information needed for patient care and for health
services reimbursements to health providers.
4. HIPAA Violations and Enforcement
The American Recovery and Reinvestment Act of 2009, signed
into law on February 17, 2009, established a tiered civil penalty
structure for HIPAA violations.
HHS determines the amount of the penalty based on the nature and
extent of the violation and the nature and extent of the harm resulting
from the violation.
“Through the Health Information Technology for Economic and
Clinical Health (HITECH) Act of 2009, violations and breaches are
more costly than ever. Arming practitioners and patients alike with
knowledge is necessary for protection. Physical security, electronic
security, monitoring, and employee training are the keys to securing
data”.
5. HIPAA Penalty
The maximum penalty is $50,000 per HIPAA violation, with an
annual maximum of $1.5 million.
The minimum penalty for HIPAA violations can range from $100 per
violation, with an annual maximum of $25,000 for repeat violations, for an
individual who did not know that he/she violated HIPAA.
The worst HIPAA violation is one committed due to willful neglect
that is not corrected. The minimum penalty is
$50,000 per violation, with an annual maximum of $1.5 million.
If the violation is corrected within 30 days, no civil penalties can be
imposed except in cases of willful neglect.
6. HIPAA Compliance Training
One individual should be assigned as the HIPAA
compliance officer, who will educate staff on and enforce
HIPAA compliance.
All health care providers who have access to patient
health information should be trained and educated
annually to comply with HIPAA regulations.
Let providers know that civil penalties can be
imposed.
7. HIPAA Safety Rules
The HIPAA compliance officer can put safety measures in place to
protect the privacy of your clients' medical information.
1. Lock all unattended desk drawers.
2. Lock your computer screen when away from your desk.
3. Change passwords on a quarterly basis.
4. Secure office areas so only authorized employees can enter.
5. Keep documents turned upside down and/or out of view of
non-authorized employees, and shred all documents
containing PHI.
6. Train and test employees so that, if they were to commit a
violation, they cannot claim they were unaware of the law.
8. Reporting HIPAA Violations
Report violations to your HIPAA compliance officer.
If you suspect a violation of your HIPAA rights, you can file a
complaint with the Office for Civil Rights of the U.S. Department of
Health and Human Services. Complaints must be made in writing, but
are accepted through mail, fax or email.
You have 180 days from the act of violation to file a complaint.
It is against the law for you to be punished for filing a complaint.
9. References
Rey, Jorge, CISA, C.I.S.M., C.G.E.I.T., & Douglass, K.
(2012). Keys to securing data as a practitioner. The
Journal of Medical Practice Management: MPM, 27(4),
203-5. Retrieved from
http://search.proquest.com/docview/927046783?accountid=32521
Associated Press (2008). Report: Over 120 UCLA
Hospital Staff Saw Celebrity Health Records. Found at:
http://www.foxnews.com/story/2008/08/06/report-over-120-ucla-hospital-staff-saw-celebrity-health-records/