Entities should do everything it takes to avoid HIPAA fines and penalties

The fact of about 120 million individuals being affected by HIPAA breaches in 2015 highlights two important points:

There is a mad demand for these records in the black market, which is why they are being targeted to this extent. Any wonder that PHI is in greater demand in the black market than even social security and credit cards?
There is an acute need for Covered Entities and Business Associates to take all the steps at their command to avoid HIPAA fines and penalties.

The federal government, on its part, is extremely vigilant about protecting healthcare records. It has been consistently exhorting the HHS to take a fresh look at the increased incidence of cyberattacks that has resulted in medical records theft.

Phase 2 of HIPAA audits is very stringent

With the OCR’s harsher Phase 2 HIPAA audits now underway, there has been a heightened need for Covered Entities and Business Associates to devise ways of avoiding HIPAA fines and penalties. This is not to suggest that Covered Entities and Business Associates need to panic. It is just that they need to get a clear and thorough understanding of HIPAA compliance requirements expected of a healthcare provider if they have to avoid HIPAA fines and penalties.

Further, a thorough understanding of HIPAA compliance requirements is necessary to also meet another core HIPAA requirement: Providing the appropriate patient rights and controls on HIPAA’s uses and disclosures of PHI.

The HHS expects an organization that is being audited or is the subject of a compliance review to demonstrate two points if it has to avoid HIPAA fines and penalties: a) the way by which it addresses all of the required security safeguards, and b) documentation of the proper policies and procedures necessary for safeguarding patient PHI.

These facts show that it is extremely crucial for organizations to avoid HIPAA fines and penalties, given the astronomical cost of noncompliance.

A valuable learning on how to avoid HIPAA fines and penalties

A thorough learning on what Covered Entities and Business Associates need to do to get their HIPAA implementation right will be imparted at a webinar that is being organized by MentorHealth, a leading provider of professional trainings for the healthcare industry. At this webinar, Jay Hodes, who is President and Founder, Colington Security Consulting, LLC, will be the speaker. Just visit to gain complete understanding that Jay will impart about ways of avoiding HIPAA fines and penalties. This course is approved for 1.5 general credits from the Nevada Board Of Continuing Legal Education.

Clarity on how to avoid HIPAA fines and penalties

Jay will highlight the importance of being compliant with the HIPAA requirements for an organization if it has to avoid HIPAA fines and penalties. The ways by which a Business Associate or Covered Entity can provide the appropriate patient rights and controls on its uses and disclosures of Protected Health Information (PHI) and what all it has to have in place for doing so, will all be explained.

He will explain the core areas for an organization that is the subject of a compliance review or is being audited towards avoiding HIPAA fines and penalties: How it needs to show to the HHS both the documentation necessary for safeguarding patient PHI, as well as the ability to show how it is addressing all of the required security safeguards.

The following areas will be covered at this session: