Active Roster
Media
Sponsors
Legal Review of HIPAA Policies and Procedures
Protecting Your Practice from a Health and Human Services HIPAA Audit
The HIPAA law was just enhanced and made more powerful on January 25, 2013 with a compliance deadline of September 23, 2013. The penalties for violation of HIPAA were increased to $1.5M per violation, depending on the type of violation and whether it was due to negligence or intentional.
The federal Department of Health and Human Services (DHHS) has also said it is stepping up enforcement of the HIPAA Rule. HIPPA now covers not only all covered entities, such as doctors, clinics, medical groups, IPAS, ACOs, health plans, hospitals, surgery centers, but all ancillary healthcare businesses as well, such as PTs, labs and dialysis centers. All businesses and their subcontractors who handle PHI (protected health information) on their behalf also fall under the HIPAA rule. Examples of business associates would be IT firms, law firms, consulting, accounting, accreditation, financial services (e.g., billers and collectors) and data aggregators.
The definition of PHI has been expanded to include individually identifiable health information transmitted or maintained in electronic media or in any other form or medium so long as there is a reasonable basis to believe the information can be used to identify the individual.
As a covered entity, you are subject to audit by the HHS at any time a complaint has been filed. A critical part of the audit will be your compliance with the Security Rules of HIPAA and whether you have created a ‘PHI Map’ of the electronic PHI that flows in and out of your offices. You must also have conducted a ‘security risk analysis’ to identify the potential risks of improper uses and disclosures of ePHI and the vulnerability of the PHI maintained and transmitted by your offices. Security Risk Analysis are offered by Meaningful Use Experts, a division of e2o Health Inc.
Legal Review of HIPAA Privacy & Security Policies and Procedures
- Legal review of policies and procedures and HIPAA compliance questions
- Legal letter certifying compliance
Independent Legal Assistance
Robert Amador offers independent legal assistance for:
- Doctors facing notification by the DHHS and patients of a breach of their PHI
- Doctors who are facing litigation for breach of privacy or similar claims involving their information, such as healthcare trade secrets.
You can contact Robert directly for legal services at ra@amadorkelly.com.