HIPAA Compliance

On September 23rd, new HIPAA (Health Insurance Portability and Accountability Act) and HITECH rules went into effect, directly affecting almost every healthcare practice and their business partners. Some significant considerations:

  1. HIPAA/HITECH now applies not only to health-care providers but also to IT vendors, attorneys, accountants, bookkeeping services, and others who come in contact with Protected Health Information (PHI).
  2. Data breaches affecting under 500 people must be reported annually to HHS; data breaches affecting over 500 people must be reported immediately to HHS and the media.
  3. Strengthened patient rights to electronic copies of their health information. The required time for delivery has been reduced to 30 days, plus one available 30-day extension.
  4. Requirement for risk analysis, including addressing general security and use of external portable media (e.g., thumb drives).
  5. An updated Risk Assessment is probably required for Covered Entities.
  6. If a Covered Entity or Business Associate knows that a business partner is not HIPAA compliant, they are responsible for reporting them.

What are the penalties for not complying with requirements?

  • Criminal Penalties now extend to individuals, not just practices or firms
  • Fines of between $1,000 and $1.5 million
  • 1 to 10 years in jail
  • Publicly accessible listings on HHS’ “HIPAA Wall of Shame”

Download Free White Paper from CMIT HIPAA Compliance Site:

Questions You Should Ask Your IT Services Provider

CMIT Solutions helps our customers reach HIPAA compliance, within budget. We bring together our experts, existing templates, and HIPAA-compliant technology partnerships to protect our clients and their patient health information. Let us help you reach and sustain compliance with our:

  • Updated Privacy and Security Risk Assessments
  • HIPAA-compliant Business Associate Agreements
  • Policies and procedures to handle the use and disclosure of PHI
  • Detailed employee training programs
  • Technical infrastructure improvements
  • Ongoing compliance management, administration and infrastructure support

HIPAA Compliance Services from CMIT Solutions of Northern Virginia are clear, effective, and affordable to implement.