Business Associate Compliance Requirements Bolster HIPAA Privacy Protections

Among the intentions behind the enactment of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) was safeguarding the protected health information (PHI) of every American. To that end, health care professionals who electronically transmit any patient care information, health insurance professionals and individuals who work at health care clearinghouses became known under the law as “Covered Entities.”

As Covered Entities, these individuals face monetary penalties for violating any provisions of HIPAA business associate compliance. Violations can range from the more routine, such as failure to achieve compliance due to incomplete risk assessments, to the very severe, such as a breach of private health data. According to the United States Department of Health and Human Services (HHS), 70 percent of the organizations subject to HIPAA compliance requirements fail to satisfy standards under the law.

As of January 2013, the release of the HIPAA Final Rule on Privacy and Security by HHS upped the ante by subjecting Business Associates and subcontractors to the same compliance liabilities (and the potential penalties for non-compliance) as the Covered Entities they work with.

The changes certainly present new challenges in the health care industry, especially for those organizations that were already struggling to satisfy the compliance regulations as they were originally introduced in 1996.

Making the effort to ensure that all Business Associates and their subcontractors are in compliance, and that they understand the potential consequences of failing to do so, benefits all involved. Business Associates and subcontractors can work confidently knowing they reduce the risk of facing fines as high as $50,000 per violation as a result of a non-compliance issue. This will also help to keep existing, positive business relationships intact.