The Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) may not be currently conducting active HIPAA audits at the moment, but that isn’t stopping them from punishing medical practices for HIPAA violations.
In fact, they just issued an astounding $2.15 million in fines to the Jackson Health System (JHS) in Miami, FL for multiple flagrant HIPAA violations over the course of five years:
- December 2012: Patient records were lost; to make it worse, the losses were not reported until June 2016!
- June 2013: JHS reported losing more than 700 paper records, all of which contained Personal Health Information (PHI).
- 2015: Two employees accessed a patient’s ePHI and then shared a photo with reporters… A photo that not only contained the patient’s medical data but was then also shared on social media!
- February 2016: JHS reported that over 24,000 patient records were accessed and stolen by ONE employee since 2011.
While these violations were flagrant in nature, it just goes to show that the HHS hasn’t slowed down in their pursuit of fining the medical community for HIPAA violations.
How secure is your medical practice? Would you pass the test? Contact us today, for the peace of mind of you, your business and your patients.