Iliana Peters, Sr. Advisor for HIPAA Compliance & Enforcement at HHS Office for Civil Rights provided an overview of why enforcement is a critical component to protecting and securing ePHI; the latest information on the breaches that are being reported to OCR; details on access guidance; and what the ultimate enforcement penalties will be.
In 2016 and 2017, two large healthcare systems agreed to pay fines totaling over $11 million to the U.S. Department of Health and Human Services. The fines were in settlement of HIPAA violations for transgressions such as a lack of audit controls, insufficient safeguards for ePHI, and failure to provide timely notification of data breaches. Within only a six-month span, HHS had levied the two largest HIPAA violation fines in history—a record that is not likely to stand long.
These record-setting fines serve to spotlight the growing urgency that healthcare organizations must exercise in assuring and maintaining HIPAA compliance. 2016 brought an unprecedented ramp-up in HIPAA enforcement activities, and that trend is likely to intensify for 2017 and beyond.
Recurring compliance issues that place healthcare organizations at risk of incurring HIPAA violations include:
- Failure to manage identified risks
- Lack of appropriate auditing
- Insufficient defense against insider threats
- Lack of transmission security
- Insufficient data backup and contingency planning
Iliana L. Peters, J.D., L.L.M., is the Senior Advisor for HIPAA Compliance and Enforcement for the HHS, serving as the national lead for OCR enforcement of HIPAA rules. Ms. Peters recently teamed with Kurt J. Long, CEO and Founder of FairWarning, in presenting an important webinar: What’s New with HIPAA Enforcement.
The webinar provides updates about the Phase 2 HIPAA audits currently underway, and closely examines the OCR’s HIPAA enforcement priorities. Recent enforcement actions are discussed, along with a look ahead at the ultimate potential for enforcement penalties. The webinar also includes discussions about:
- The importance of HIPAA enforcement to the healthcare ecosystem
- Current trends in HIPAA enforcement
- Latest statistics on OCR-reported breaches
And finally, this webinar will describe how FairWarning provides a means of addressing Phase 2 HIPAA Audit protocol elements through a single, affordable platform. For healthcare professionals charged with maintaining HIPAA compliance, this webinar provides crucial guidance in preparing for future Phase 2 HIPAA audits.