According to the Department of Health and Human Services (HHS) Office for Civil Rights (OCR), there have been 66% more HIPAA breaches since the start of 2017 than reported in all of 2016.
OCR lists all Meaningful Breaches on the Breach Report Portal, otherwise known as the OCR Wall of Shame. Since the start of 2017, there have been 221 breaches reported that constitute a HIPAA violation, versus 133 for all of 2016. With three months left of the year, that percentage is only going to become more significant by the end of 2017.
HIPAA regulation classifies a Meaningful Breach as a data breach affecting more than 500 individuals. As per the HIPAA Breach Notification Rule, Meaningful Breaches must be reported to HHS OCR no later than 60 days after their discovery. Health care organizations experiencing a Meaningful Breach may also be required to inform local news media and local authorities about the breach upon discovery as well.
So far, HIPAA fines have reached $17.1 million since the start of 2017. Compare that to $23.5 million in 2016, and just $6.2 million in 2015.
HIPAA Enforcement Trends Under Trump Administration
Newly appointed Trump Administration OCR Director, Roger Severino, has indicated that the agency has set its sights on continuing to enforce HIPAA compliance violations.
Severino was quoted in early September, saying that: “At most I will say the big, juicy case is going to be my priority and the methods for us finding it–stay tuned.” All indications point to a continuation in the historically uncharacteristic HIPAA fines and settlements that have come to characterize the past four years of HIPAA enforcement.
Severino went on to say that: “Just because you are small doesn’t mean we’re not looking and that you are safe if you are violating the law. You won’t be.”
Stringent enforcement tactics, combined with a marked 66% increase in Meaningful Breaches sets the stage for more HIPAA fines in the future. The Trump Administration has continued the momentum behind this new wave of regulatory strictness, and all signs indicate that they’re going to get even worse by the time 2017 reaches a close.
Compliancy Group gives behavioral health professionals confidence in their HIPAA compliance with The Guard®. The Guard is a web-based HIPAA compliance solution, built by former auditors to help simplify compliance.
Compliancy Group’s team of expert Compliance Coaches® field questions and guide users through the implementation process, taking the stress out of managing compliance. The Guard is built to address the full extent of HIPAA regulation, including fully automated documentation of policies, procedures, employee training, and remediation plans.
With The Guard, behavioral health professionals can focus on running their practice while keeping their patients’ data protected and secure.
Find out more about how Compliancy Group and the HIPAA Seal of Compliance® can help simplify your HIPAA compliance today!
Disclaimer: The views and opinions expressed in the article and on this blog post are those of the authors. These do not necessarily reflect the views, opinions, and position of the Telebehavioral Health Institute (TBHI). Any content written by the authors are their opinion and are not intended to malign any organization, company or individuals.