Looking to take advantage of the incentives around “Meaningful Use of” certified EHRs? Don’t forget security, or these incentives could be replaced by significant fines and damaging negative publicity. In the past, HIPAA security enforcement has been somewhere between lax and non-existent. HITECH looks to change that.
HITECH Act
As part of the ARRA, the HITECH Act of 2009 introduced incentives for the adoption of EHR. It also increased the potential liability for non-compliance and significantly enhanced the enforcement of the existing HIPAA security standard.
Enforcement
• Fines increased from a cap of $25,000 (2009 and prior) to a cap of $1,500,000 (now).
• $250,000 extending to $1,500,000 for “Willful Neglect.”
• States Attorney General may now bring action, not just HHS.
Data Breach Notification
• Breach Notification mandates public patient notification in the event of a suspected breach within 60 days.
• Applies to unauthorized uses and disclosures of "unsecured PHI."
The stakes are high, and NetWorks Group can help your organization minimize the risks associated with HIPAA compliance. NetWorks Group’s proven methodology will help you Assess Risk, Remediate Gaps and Manage Risk:
Benefits of NetWorks Group HIPAA Security Services
• We review Technical Controls and Policies, Physical Controls and Contracts for Third Party Compliance and map those areas to Security Standards for HIPAA compliance.
• Within the final report, NetWorks Group provides a matrix of all the findings and the level of risk that each finding carries.
• We provide a detailed Remediation Roadmap on how to fix gaps and our Tactical Services team can implement those fixes.
The NetWorks Group Difference
• A highly-skilled and dedicated team for HIPAA Security Compliance Services
• We utilize a comprehensive set of proven and repeatable methodologies
• Deliverables for both the business and technical audiences
