If you work in the healthcare industry or have access to electronic Protected Health Information (ePHI), you are required by the U.S. Department of Health and Human Services (HHS) to ensure all patient health information is secure.
Failure to comply with the HIPAA Privacy Rule and HIPAA Security Rule could mean big trouble for your business. You could find yourself on the HHS Breach Notification Portal, or you may even incur expensive fines or face jail time.
Just read what happened to a few companies who violated HIPAA and didn’t ensure compliancy:
- A former owner of a medical supply company received a 12-year jail sentence for criminal HIPAA violations and Medicare fraud.
- Memorial Healthcare System had to pay $5.5 million to settle potential (HIPAA) Privacy and Security Rules violations.
- New York and Presbyterian Hospital (NYP) and Columbia University were fined a combined $4.8 million after 6,800 patient records were accidently exposed publicly to search engines by an improperly configured computer server personally owned by a physician.
To prevent these kinds of HIPAA violations, it’s important that you have proper privacy measures in place.