Have you thought about HIPAA compliance today? If not, you might want to add it to your roster of the other 9 million compliance things you’re worried about because the OCR, the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services, announced its seventeenth settlement of an enforcement action in its HIPAA Right of Access Initiative. As you know, the ROA initiative support individuals' right to timely access to their health records at a reasonable cost under the HIPAA Privacy Rule.
What happens if an organization doesn’t give patients access to their records in a reasonable time frame? Well, they pay. The newest settlement was with Arbour Hospital (Arbour) in Massachusetts. In response to the right of access allegations, Arbour agreed to pay the OCR a monetary penalty of $65,000, undertake a corrective action plan, and undergo one year of monitoring. None of that sounds fun, and the worst part? It was entirely preventable.
Join our upcoming webinar, “The Horror Stories Behind Recent HIPAA Violations,” to learn about the most recent enforcement actions taken by the OCR and how to avoid the same mistakes and maintain HIPAA compliance in your organization. In this webinar, you’ll learn all about the OCR’s Right of Access Enforcement Initiative, enforcement surrounding HIPAA risk assessments and risk management, and other current HIPAA issues.