Cignet Health and Massachusetts General Hospital discovered that HHS takes HIPAA violations seriously. HHS imposed a $4.3 million penalty on Cignet Health for HIPAA violations, and Mass General agreed to pay the federal government $1 million to settle potential HIPAA violations.
Mass General's case involved the loss of protected health information (PHI) of 192 patients of Mass General's Infectious Disease Associates outpatient practice. That works out to more than $5,000 per record lost. Cignet was found to have violated 41 patients' rights by denying them access to their medical records.
This year, Rite Aid agreed to pay $1 million to settle a HIPAA privacy case after failing to safeguard consumer medical information.
HIPAA has been in place for a long time now, but its enforcement and the financial impact of violations had been difficult to pinpoint until recently. With these cases as examples, it is much more apparent that violations can be quite costly.
IT shares the responsibility for HIPAA protection of all electronic medical records and patient information. With the recent HIPAA enforcement actions, it is becoming more and more important that health care IT runs inside a secure, SAS 70 audited data center.
IT can assure HIPAA compliance by running its servers and data storage in HIPAA compliant data centers that address physical, data and network security. The best way to confirm that this security is in place is to ask to review the data center's SAS 70 or SSAE 16 audit report. The audit report should specifically cover the data center's procedures for physical security, network security and control of access to data on the server.
SAS 70 auditing is invaluable in building trust between a web host and its prospects, and it can help lead to further improvements in the host's internal controls down the road. Having your servers in a SAS 70 audited data center can give you peace of mind that the provider is following through on its promises and that your data is protected. Just make sure to get a good look at the audit before choosing one data center over another.
In addition to SAS 70, you should get references from other HIPAA compliant clients when choosing a hosting company. It's one thing to say you are compliant, another to have clients that are currently operating under the data security standards and have passed their own HIPAA compliance audit.