The Year Of Healthcare Security Breaches

A single breach can cost a practice hundreds of thousands of dollars and ruin their reputation.

December 30, 2016



2016 was a BIG year for healthcare security breaches: ransomware, theft, hacks, phishing, you name it. Check out the HHS news releases on their public website. There is no guarantee 2017 will get any better. If small practice providers and practice managers don't stay informed about this industry trend and are not aware of the threat, it becomes challenging for them to accept that they need to invest in ongoing cybersecurity and HIPAA-compliant IT support. There is a big misconception in smaller practices that this is 'too expensive' and that they cannot afford it. Even worse, they think their 'IT guy' is handling everything or that their EMR vendor has them covered.


Civil money penalties (CMPs) are penalties that HHS imposes on covered entities that have HIPAA violations. The penalty structure is tiered, based on the knowledge a covered entity had of the violation. See the table below for a summary, and note that there is a difference between 'unknowing' and 'willful neglect'.

| HIPAA Violation | Minimum Penalty | Maximum Penalty |
| --- | --- | --- |
| Unknowing | $100 per violation, with an annual maximum of $25,000 for repeat violations (Note: maximum that can be imposed by State Attorneys General regardless of the type of violation) | $50,000 per violation, with an annual maximum of $1.5 million |
| Reasonable Cause | $1,000 per violation, with an annual maximum of $100,000 for repeat violations | $50,000 per violation, with an annual maximum of $1.5 million |
| Willful neglect but violation is corrected within the required time period | $10,000 per violation, with an annual maximum of $250,000 for repeat violations | $50,000 per violation, with an annual maximum of $1.5 million |
| Willful neglect and is not corrected within required time period | $50,000 per violation, with an annual maximum of $1.5 million | $50,000 per violation, with an annual maximum of $1.5 million |

As you can see, playing Russian roulette with your practice is not a good idea.  Have this conversation with your IT provider and let us know if you need a HIPAA-trained IT support company like WorryFreeMD as your IT partner.  We guarantee a 60 minute or less response time and our Help Desk technicians are always a phone call away to help you and your staff with any issue.  We'll do a comprehensive HIPAA Risk Assessment, remediate your HIPAA risks and set you up for ongoing cybersecurity, maintenance and support.

(201) 720-1662

www.WorryFreeMD.com

 




 



About Fernando Sosa
Fernando Sosa is a technology consultant, project management professional, and software developer who helps small businesses and nonprofit organizations make the most of their information technology resources.

