The law also added a level of confusion to a complex marketplace. Today, 26 years after it became law, healthcare providers and their business associates still need help understanding if and how the law applies to their operations. It is vital to understand the importance of HIPAA in protecting your business.
The Importance of HIPAA – It’s the Law
It may be stating the obvious, but the first thing that gives HIPAA importance is that it is federal law. Enforcement of HIPAA falls under the purview of the Department of Health and Human Services, specifically, the agency’s Office for Civil Rights. The primary focus of the law is controlling the privacy and security of patients’ protected health information (PHI).
More than 314,000 complaints have been made to OCR since April 2003. The agency conducted at least 44,000 investigations (14 percent of all complaints), and 68 percent of investigations resulted in some form of corrective action.
Corrective action for a HIPAA violation can be as simple as providing guidance to a provider. More severe incidents can lead to HIPAA fines and years of additional oversight by OCR auditors.
HIPAA auditors have a reputation for trying to help providers and business associates in less punitive ways if there is cooperation. Failure to cooperate carries substantial consequences. This year, two healthcare providers were each fined $100,000 for patient right of access violations. In both cases, the providers ignored HIPAA requests for information or provided token cooperation.