With the new HIPAA laws, business associates will now be scrutinized for fault in security breaches when they occur. Last week I posted a short announcement on how the HIPAA laws have changed. In cases of security breaches, the investigation process and areas of responsibility are going to get a bit more detailed, with penalty stakes rising. Business consultants may become much more aggressive too in the way they work with IT and IS departments in the future as far as compliance with the new laws is concerned. BD

New and Upcoming HIPAA Rules – Read Up You May Now Be a Covered Entity

Business associates can be directly liable for a breach of unsecure protected health information (PHI) and could have to pay OCR directly, a top OCR official told HealthLeaders Media at the 18th Annual National HIPAA Summit Wednesday afternoon.

HealthLeaders Media asked Sue McAndrew, deputy director for Health Information Privacy for OCR, if a business associate could end up paying out of its own pocket for a breach. The answer is yes.

However, she went on to say OCR would consider waiving—or decreasing—some of the penalties after an assessment of the financial state of a violating hospital. She also said that the "settlement door is always open."

Business Associates Can Pay Directly for Breaches
