HIPAA Security Officer Aces OCR Investigations
Cignet Health's failure to cooperate with the government's HIPAA privacy and security enforcer just cost the Maryland hospital system $3 million.
It cost the system another $1.3 million when it failed to provide patients copies of medical records within 30 (and no later than 60) days.
The message can't be any clearer: when the Office for Civil Rights (OCR) knocks, answer the door.
About 48 hours after the Cignet news broke, OCR announced a $1 million settlement against Massachusetts General Hospital in Boston for an incident involving the loss of 192 patient records belonging to Mass General's Infectious Disease Associates outpatient practice, including patients with HIV/AIDS.
One security officer who "got it" before Cignet's landmark fine and settlement were announced is Greg Young.
Young, the information security officer at Mammoth Hospital in Mammoth Lakes, CA, has worked with OCR on about a handful of investigations.
"I never had the sense they were going to let me get away with anything," Young says. "They were pretty demanding and yet always professional. At one point they reminded me that they have the last word. Though I thought I was cooperating, they wanted more details. I'm amazed that Cignet got away with as much as they did for as long as they did."
- 'Kafkaesque' Value System Unfairly Penalizes Doctor Pay
- Proton Beam Therapy Poised for Growth in US
- mHealth Tackles Readmissions
- CNO Leads $1M Charge for New Scrubs, Uniforms
- 4 Crucial Tactics for Reining in Healthcare Cost
- Some Cancer Hospitals' Quality Data Will Soon Be Public
- How Digital Strategy Shapes Patient Engagement at Boston Children's Hospital
- How, and Why, to Recruit Male Nurses
- Half of All Primary Care, Internal Medicine Jobs Unfilled in 2013
- PA Ranks See 'Phenomenal Growth,' Lack of Diversity