HIPAA Final Rule Raises Fines for Non-Compliance
Healthcare leaders must direct someone, most likely privacy and security officers, to perform a thorough review to identify high level process and policy changes necessary for compliance with the new rule.
"I think for CEO and CIO, the first step is to ensure your privacy and security officers get right on this and digest it," says Kate Borten, CISM, CISSP, former head of information security at Massachusetts General Hospital in Boston and the president of The Marblehead Group, a healthcare privacy and security consultancy in Marblehead, MA. "They are your internal experts, and this is a big part of their role."
Organizations charged with HIPAA compliance must understand now that all signs are pointing to increased enforcement, adds Brad M. Rostolsky, partner in the Philadelphia office of the law firm Reed Smith, LLP.
"The 'good old days' of voluntary compliance and 'slaps on the wrist' seem to be a thing of the past," Rostolsky says. "As a result, it's important that regulated businesses, from the top down, are seen to have buy-in to HIPAA compliance efforts. HIPAA privacy and security officers should be involved at the highest levels of compliance planning."
- CMS Sets 2014 Pay Rates for Hospital Outpatient and Physician Services
- New G-Codes to Pay Doctors for Broad Array of Non-Face-to-Face Care
- FDA hopes hospitals will switch to newly regulated pharmacies
- States Rejecting Medicaid Expansion Forgo Billions in Federal Funds
- Douglas Hawthorne—A Chance to Do Something Big
- Why You Should Involve Patients in Nursing Handoffs
- Not-for-Profit Hospitals Find Opportunity Amid Uncertainty
- The 5 Biggest Healthcare Finance Trouble Spots
- Substance Abuse Resurfaces Among Anesthesiologists in Training
- 'Country Doctor of the Year' Embraces Challenges of Rural Medicine