HIPAA Enforcement: Who Enforces HIPAA?

There are significant consequences for breaking the HIPAA laws. The HIPAA Rule is enforced through several methods. HIPAA is a federal law, which is enforced by the Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR). This is the most common method of HIPAA enforcement. State attorneys general may also conduct HIPAA enforcement. How Does HIPAA Enforcement Work? HIPAA [...]

2023-09-06T16:55:24-04:00December 17th, 2019|

HIPAA Compliance for Non-Covered Entities

The HIPAA law subjects covered entities - defined as health plans, health providers, and healthcare clearinghouses - to its regulatory scheme. By definitions, non-covered entities are not subject to HIPAA regulations. Apps and consumer devices that collect protected health information (PHI), and the vendors that manufacture them, do not meet the definition of a “covered entity.” However, a number of organizations have called for HIPAA compliance for [...]

2023-08-07T14:13:18-04:00November 4th, 2019|

HIPAA and Medical Record Copy Fees

Patients often request copies of their medical files. Traditionally, state law governed the subject of medical record copy fees. State laws typically permit providers to charge a per-page copy fee, of up to a certain dollar value, or to charge a flat fee of up to a certain amount for the entire medical record. Many covered entities simply charge the maximum amount that state law allows for medical record [...]

2023-08-24T11:48:24-04:00October 18th, 2019|

The Audits Are Coming! The Audits Are Coming!

OCR Phase 2 Audits Have Begun As of March 22, 2016, the Office for Civil Rights (OCR) has officially begun their Phase 2 HIPAA Privacy, Security, and Breach Notification Audit Program. This announcement comes after months of speculation and preparation for the eventual roll-out of this new program. Luckily, with Compliancy Group you won't have to go it alone. Just like Paul Revere on his [...]

2023-08-07T15:58:03-04:00March 24th, 2016|

Understanding HIPAA for Mail Service Providers as Business Associates

Many private services and companies that deal with the transit, storage, or distribution of protected health information (PHI) are beholden to HIPAA regulations as business associates (BAs). Though the scope of your business might not touch upon direct medical care, any organization that is paid to come into contact with PHI must comply with federal regulations regarding the privacy and security of that information while it passes through [...]

2023-08-07T15:59:37-04:00March 15th, 2016|

Is this a reprieve or a wake-up call?

This all depends on where you are with your HIPAA compliance plan and the necessity to have on in place. This article, taken from an interview with Leon Rodriguez from HHS, Office or Civil Rights, highlights critical thinking covered entities, business associates and their subcontractors should be looking into and taking notice of. Leon Rodriguez from HHS says: "What we've been learning from the monetary settlement cases we've done [...]

2023-04-10T12:34:24-04:00January 7th, 2013|