HIPAA compliance - tackling privacy issues

The healthcare industry has taken its time to come around to technology in administrative areas and HIPAA and its regulations are forcing compliance. To make this relatively bigger gap in the health care sector when compared to other industries as far as HIPAA is concerned the industry is looking at Information Technology to make the leap.

HIPAA is battling privacy protection and has laid down strict guidelines to be implemented. So what are the penalties involved for a privacy breach and how is it done? Organizations that fail to protect this information face fines ranging from $10,000 to $25,000 for each instance of unauthorized disclosure. If the disclosure is found to be intentional, HIPAA provides for fines ranging from $100,000 to $250,000 and possible jail time for people involved in the violations. 

Then there is outsourcing and transcribing issues that can lead to further privacy issues and this is probably because we all by now expect our medical records to be transcribed from remote India! Healthcare sector has blurred geographic boundaries and today it is the norm to have this done so. We also have medical tourism and outsourced surgeries and radiologists overseas studying our health records.

So, how does HIPAA hope to penalize privacy breaches that can happen overseas? Therefore all covered entities can be legally sued for a privacy breach and we have one conviction to date for such a breach. As far as outsourced PHI protected health information the covered entities that contract such overseas firms will be held liable. Countries like India put their transcribers through several HIPAA qualifying tests and certifications.

However, as soon as widespread use of encryption and other network security measures are implemented HIPAA compliance will be achieved and all that will be needed is proper maintenance of the system. But, till then we are susceptible to having protected health information being compromised very much like our bank accounts and credit card numbers.


RSS Subscribe to the comments for this post
Posted on : May 27 2006
Posted under Legislation, Privacy & security |

Post a Comment