What Exactly is HIPAA?
HIPAA, short for the Health Insurance Portability and Accountability Act, is a set of regulations first introduced in 1996 that regulate how electronic health records are handled by medical providers and medical billing companies.
The new HIPAA HITECH introduces new regulations and clarifies some of the previous areas where exact implementation was hard to understand. One new area that HIPAA HITECH covers is that vendors (entities that maintain, store or handle protected electronic health information) can also be fined along with their covered entities if they fail to meet HIPAA requirements. In plain words: the computer guy who certified the doctor as being HIPAA certified can also get in trouble if the requirements are not met.
How bad are the fines?
Violations of HIPAA can incur very steep fines as well as, in some cases, criminal charges. The average fine can be around $25,000 – $50,000 per incident per provider. So if there is a medical provider with 3 doctors and protected electronic information is not handled correctly, a fine of $150,000 may be assessed. This is the kind of fine that no small or medium-sized business can afford to ignore, quite apart from the original reason such regulations were made: to protect confidentiality.
Are there solutions?
Cumulus specializes in HIPAA compliant medical software. We are a provider of HIPAA compliant cloud services for hosting servers, databases and other information systems that hold protected data. In addition, we offer on-site and server analysis to check for issues that are commonly related to working with protected data. Certifications start at a very minimal cost of about $2,000 for a single site, with plans available for bigger institutions. Getting a HIPAA review done and avoiding one incident can not only save money but will also save damage to the provider's reputation.
Cumulus Technology has been a provider of HIPAA compliant software, and our staff has worked with the medical industry for over 15 years. As a healthcare provider that must comply with HIPAA regulations, it would be wise to sit down with your technology advisers and make sure they truly understand the new HIPAA HITECH. This is true not only for the healthcare professional: all Information Technology providers should make sure their healthcare clients also understand the IT provider's need for their customers' compliance.
by William Sikkens & Gretchen Winkler ©2013
Cumulus Technology, Inc.