TopPatch Compliance Consulting
The cornerstone of our compliance suite is weekly engagement with your staff by our specialists to ensure that HIPAA-mandated policies are comprehended, enacted, and maintained. Workforce conformity is the single most important piece of HIPAA/HITECH compliance—and the piece most easily overlooked. Our HIPAA specialists are available to assist your organization step-by-step in its quest to achieve HIPAA compliance.
The guidelines surrounding healthcare data—specifically protected health information (PHI), which includes all patient records and other data—are incredibly rigorous, given the sensitive nature of the information they protect. Making compliance even more difficult to achieve is the fact that organizations that work with electronic PHI (ePHI) are responsible not just for their own security but for that of any third-party business associates they engage with as well.
The Health Insurance Portability and Accountability Act (HIPAA) was signed into law in 1996, mandating wide-ranging information security and privacy for physical and mental health patients and their records. In 2009, HIPAA was amended by the Health Information Technology for Economic and Clinical Health (HITECH) Act, which addressed technological advances and the prevalence of digital recordkeeping, and established new forms of rigorous, mandatory protection of ePHI by all organizations that create, store, or transmit it.
The penalties for being found out of HIPAA/HITECH compliance, mandatory for small health plans since 2006 and for all others since 2005, are enormous: depending on the infraction, fines per data breach violation can range from $100 to $50,000, up to a total of $1.5 million per year. Individuals found violating HIPAA requirements can face up to $250,000 in fines and 10 years in prison. Covered entities like healthcare providers, medical clearinghouses, and health plans can all be subject to criminal penalties as well.
Contact our HIPAA specialist today to find out what we can do to help your organization achieve HIPAA/HITECH compliance effectively, expediently, and cost-efficiently.