Header graphic for print
HealtHITechLaw HIPAA, HITECH and Beyond

Tag Archives: Compliance

OCR TO BEGIN SECOND ROUND OF HIPAA AUDITS

Posted in Enforcement, OCR Audits

The U.S. Department of Health and Human Services’ Office for Civil Rights (“OCR”) has announced that it is gearing up for its second round of HIPAA compliance audits later this year.  The HIPAA Audit Program is authorized under Section 13411 of the HITECH Act and is intended to assess compliance with the HIPAA Privacy, Security,… Continue Reading

Dermatology Practice Hit With $150,000 HIPAA Penalty

Posted in Breach, Enforcement

2013 ended like it started – with OCR actively monitoring and enforcing health care provider HIPAA compliance.  On December 26, 2013, OCR imposed a $150,000 penalty and a corrective action plan upon a Massachusetts dermatology physician practice arising out of a self-reported HIPAA breach.   See Resolution Agreement. In October 2011, Adult & Pediatric Dermatology, P.C. of… Continue Reading

HIPAA Security Risk Analysis: Fact or Fiction?

Posted in Meaningful Use, Security

Leading up to the recent compliance date for the Final HIPAA Rule, much was made about the need for providers to perform a security risk analysis.  Quite a bit of dialogue around the increased security compliance obligations centered on the security risk analysis as a foundational requirement of HIPAA.   Although this is not a new requirement, heightened… Continue Reading