Taking HIPAA Compliance Seriously | Alice G. Gosfield & Associates, PC

Phone (215) 735-2384

With the publication of the HITECH and Security rules, compliance with HIPAA is back in the spotlight. Effective January 1, 2014, new rules will pertain. In our recent article in Family Practice Management, we dispel some myths and provide practical guidance to physicians. The importance of taking HIPAA compliance seriously can be seen in the first settlement of 2013 with the Office of Civil Rights of 2013. There, Idaho State University agreed to $400,000 and enter into a 2-year corrective action plan to settle alleged violations of HIPAA. In investigating the self-reported incident, the Office for Civil Rights found risk analyses and assessments that were "incomplete and inadequately identified potential risks or vulnerabilities," as well as "failure to assess the likelihood of potential risks occurring." The principle problem was a disabled firewall over a period of four years. There was no evidence that any records were accessed or that the security actually was breached. The settlement makes it clear that risk assessment and gap analysis are essential to being able to craft a well-designed, customized plan for HIPAA compliance. This is no longer a matter of choice.

Latest Issues

Follow our opinions on the latest issues affecting health care regulation.

› Read Latest Issues

Speeches

› Teleconference Registration

Products

Expand your reference library and your expertise in health care regulation.

› Browse Products

Stay up to date on health care regulation issues by becoming a member.

› Subscribe

Alice G. Gosfield and Associates, P.C. (“AGGA”) reserves the right to change the information on this website without notice. We make no representations about the accuracy or completeness of the information on this website or that material available from this site is free of viruses. Links on this website to other websites are for informational purposes only. They are not intended to constitute endorsements of or referrals to the entities or the products of the entities to which the links connect. AGGA is not responsible for the privacy practices of other web sites.

Access to this website shall not create nor be construed to create any attorney-client or business associate relationship between persons accessing the site and AGGA or any of its attorneys. The materials published and made available on this website are for information purposes only and should not be construed as legal advice or legal opinion on any specific facts or circumstances. Users of and visitors to the website should not act upon information on the website without first seeking legal counsel.

If you have any questions about this Disclaimer or the Website Privacy Policy, please contact us at info@gosfield.com.