HIPAA security breaches about to cost more thanks to HITECH

While healthcare providers and their associates--which include third-party administrators, claims processors, attorneys, accountants and software providers--have been required since September 2009 to report breaches of 500 medical records or more if the records include non-encrypted data, some states have been enacting tougher laws. Now, it looks as though the federal government will be upping fines--in some cases up to $1.5 million--related to the leak of personal information, as well.

Beginning in mid-February, penalty ranges will correspond to what the violator did or did not know. Willful neglect, for example, will cost between $10,000 and $50,000 per violation. There are several other categories of neglect and knowledge.

Of late, there have been a number of large, publicized breaches, including 15,000 compromised records of Kaiser Permanente patients and 450,000 compromised records of Health Net of Connecticut patients.

To learn more:
- read this San Francisco Business Times article
- here is a breakdown of all the rules that will go into effect next month
