HIPAA Conviction Charges Against Massachusetts Physician

HIPAA convictionHIPAA violations are making the news in more ways than one as yet another HIPAA conviction is announced.

The US Department of Justice (DOJ) announced that a physician based out of Massachusetts has been convicted of criminal charges for the unlawful distribution of protected health information (PHI) under HIPAA law. Protected health information is any demographic information that can be used to identify a patient. Common examples of PHI include names, addresses, emails, telephone numbers, Social Security numbers, medical records, and insurance ID numbers, to name a few.

This criminal HIPAA conviction is the result of a wider investigation by the DOJ into pharmaceutical giant Warner Chilcott. In 2015 Warner Chilcott was fined $125 million after pleading guilty to felony health care fraud charges.

The physician in this case is charged with granting pharmaceutical representatives from Warner Chilcott illegal access to PHI. The representatives then targeted individual patients for marketing. The physician also received kickbacks from Warner Chilcott totaling $23,500.

Even though this is a case of clear misconduct on the part of the physician, the threat of criminal HIPAA charges extends to many other examples within the past few years as well.

Behavioral health professionals are at particular risk of HIPAA violations because of the sensitivity of the information that they handle on a daily basis. Unlike most other types of health care records, HIPAA deems “psychotherapy notes” to be under a different classification than regular health care records. The HIPAA Privacy Rule, which sets national standards for the privacy of PHI, has separate standards that behavioral health professionals must be aware of in order to mitigate the threat of criminal HIPAA convictions in response to improper use or disclosure of PHI.

This case proves more than anything that HIPAA regulation can pose a greater risk than mere financial penalties, including criminal convictions and jail time. As of the writing of this piece, sentencing for the physician, in this case, is forthcoming.

HIPAA Resources

Compliancy Group gives behavioral health professionals confidence in their HIPAA compliance with The Guard®. The Guard is a web-based HIPAA compliance solution, built by former auditors to help simplify compliance. Compliancy Group’s team of expert Compliance Coaches® field questions and guide users through the implementation process, taking the stress out of managing compliance. The Guard is built to address the full extent of HIPAA regulation, including guided walkthroughs of HIPAA Risk Assessments. With The Guard, behavioral health professionals can focus on running their practice while keeping their patients’ data protected and secure. Find out more about how Compliancy Group and the HIPAA Seal of Compliance® can help simplify your HIPAA compliance today!

Join us for the TBHI recorded training entitled: Cybersecurity: Top 5 Things You Can Do Tomorrow Morning to Protect Your Practice.