Most Detailed & Costly Compliance Agreement You Are Ever Likely to See

Corporate integrity agreements or the consent agreements which are reached between the government (HHS) and Covered Entities and Business Associates can be extremely detailed, comprehensive and costly. In my last post ( Seven Noteworthy HIPAA Breaches & the Recent Enforcement Actions )  I went so far as to say that these agreements and their implementation are often more expensive than the actual …

Seven Noteworthy HIPAA Breaches & the Recent Enforcement Actions

The following unlucky seven were subject to substantial fines. The costs associated with defending the audit, negotiating the settlement and the cost of implementing the invariable forward-going consent agreements/corporate action plans (CAP), however, are separate and above (and often higher) than the reported fine. These cases range from relatively small to admittedly large breaches, from the unlikely event to situations …

The Seven Most Likely Causes of Major HIPAA Breaches

While it is important to comply with all of the mandates of the Omnibus Rule, I think it is instructive to know from where the most vulnerable areas of breach of PHI arise. In a recent presentation to a limited number of attorneys in which I participated, an investigator for the Office for Civil Rights (OCR) advised that with respect …

The Five Most Likely Types of Major HIPAA Breaches

While it is important to comply with all of the mandates of the Omnibus Rule, I think it is instructive to know from where the most vulnerable areas of breach of PHI arise. In a recent presentation to a limited number of attorneys in which I participated, an investigator for the Office for Civil Rights (OCR) advised that with respect …

What Is an Elephant? – An Ant Built to Government Specification

When I was a lot younger, the title to this post was a joke that was often bandied about. It is entirely possible, however, that the new elephant is what covered entities and/or business associates (which, for purposes of brevity I will refer to as covered entities) must be ready for with respect to HIPAA audits. The notion that health …

HIPAA Audits – Imagine Tax Payments without IRS Audits

We can probably all agree that no one (except possibly accountants) looks forward to an IRS audit. At its most elemental level, there is virtually no upside, a possible downside and a deep feeling that, at best, it will disrupt our lives. HIPAA audits are essentially no different. One major difference is that for almost all taxpayers, the idea and …

Will the government send medical practitioners back to the Stone Age or to Bankruptcy Court?

There are currently two competing forces with respect to the administration of healthcare. On the one hand, the government seeks widespread use of EMRs and electronic dissemination of medical records. On the other hand, OIG, various Attorneys General and the courts present potentially crippling financial liability for the almost inevitable data breaches caused by hackers. The recent data breaches of …