HUB TechMinutes

Work smarter with the latest business technology news, tips and events.

HUB TechMinutes

Better business through better information.
2 minutes reading time (499 words)

Are Healthcare Providers Meeting HITECH Standards?

Are Healthcare Providers Meeting HITECH Standards?

Compliance can be difficult for some businesses. They might know that it’s a necessity--and may even know what they have to do--but they just have trouble implementing practices that are designed to guarantee the meet their regulatory responsibilities. PIPEDA/HIPAA and HITECH compliance laws in particular are difficult to navigate, and the results of failing to adhere to them can be dire.

Just a few years ago in 2016, the US Office for Civil Rights (OCR) and the US Department of Health investigated data breaches; the results of this investigation led to identifying several violations of these laws. A total of 12 settlements were the results of this investigation, as well as one civil penalty, that amounted to claims of approximately $25,505,300 in fines.

The numbers in 2017 are slightly more optimistic. This past year, there were only nine HIPAA settlements and a single monetary civil penalty paid totaling $19,393,000 in fines. While it’s clear that something is working, it’s not clear what exactly is or isn’t, but we know one thing for sure. Businesses don’t want to pay money for failing to adhere to compliance laws, but this doesn’t stop everyone from meeting their requirements.

The types of violations that led to these penalties aren’t particularly varied. Most of them stemmed from a failure to protect protected electonic health information, or ePHI, but there are a couple that come from different reasons. Here are a few other reasons:

  • Insufficient ePHI access control
  • Impermissible disclosure of ePHI
  • Careless handling of ePHI
  • Multiple PIPEDA/HIPAA violations
  • Delayed breach notifications
  • Lack of security management process
  • Lack of a business associate agreement

Another notable trend can also be seen in the failure of organizations to secure their mobile devices in a way which complies with PIPEDA/HIPAA and HITECH. Furthermore, there is also a failure to implement proper security processes and delaying notification of breaches at the heart of these fines.

Recently, a well-publicized lawsuit was filed in US federal court against 60 Indian hospitals over a failure to adhere to the HITECH Act. These hospitals had allegedly failed to provide records and documentation for as many as 50% of their patients within three business days of the request. As one of the requirements of receiving funding from the HITECH Act, this is a big issue for hospitals.

As a result of these failures, these hospitals face charges of well over $1 billion for failing to provide healthcare documents when asked to produce them. They obtained $324 million through the HITECH Act, but failed to adhere to its laws. Additionally, the hospitals violated the Anti-Kickback Statute and the False Claims Act for claiming falsely that they met the requirements of the HITECH legislature.

While it’s true that not all businesses need to consider healthcare compliance, it’s more likely than not that your organization works with some sort of sensitive information that is subject to compliance laws. To find out now if your organization is in trouble with compliance laws, reach out to us at 204-772-8822.

This Week’s Tech Term: Blockchain
Is Your Printer Wasting More Money Than it’s Worth...


No comments made yet. Be the first to submit a comment
Monday, October 22, 2018

Captcha Image

Happy Clients

Don't Miss Our Next Newsletter!

Subscribe to our free monthly newsletter! It's packed with valuable information, useful tips, and important security alerts.
* indicates required
Your email address is secure with us - we never share our subscriber information.

HUB Tech Minutes

19 October 2018
Technology has changed the way that the average user has consumed media. “Binging” is one of the primary ways that many users want to consume media, watching an entire season of television in one sitting. People want to consume content on their own t...
17 October 2018
The business world is inherently somewhat Darwinian: instead of organisms with desirable traits surviving and carrying on, better businesses tend to outlast those that are inferior. In order to keep on, you need to ensure that your business has the t...
15 October 2018
While email remains an important facet of professional business communications, the instant message is of rising importance in office environments everywhere. While any one of many factors may contribute to this shift, it provides those businesses th...