The Department of Health and Human Services (HHS) has proven that they’re serious about HIPAA infractions.  They recently imposed the largest monetary fines for HIPAA noncompliance on two well-known New York City institutions — New York-Presbyterian Hospital and Columbia University Medical Center.  They will have to pay  $4.8 million in fines because the electronic protected health information (ePHI) of their 6,800 patients showed up on Google in 2010.

What Should You Do? Schedule A HIPAA Security Risk Assessment Now. 

HHS is increasing their efforts to find businesses that aren’t in compliance with their HIPAA mandate.  They emphasize that it’s essential for healthcare organizations, and those they do business with, to conduct a HIPAA Security Risk Assessment.  This assessment detects any risks and vulnerabilities that could affect the confidentiality of ePHI.

If you haven’t had an assessment in the past year, you should schedule one now.  A HIPAA Security Risk Assessment includes:

• An evaluation of system threats and vulnerabilities.
• A review of your security policies and procedures for HIPAA compliance.
• Implementation of security safeguards to protect ePHI.
• An analysis of how ePHI can be stored and protected at all times.

Don’t risk costly fines or the ruination of your healthcare business.  Ensure you and your business associates comply with HIPAA by having {company} conduct a HIPAA Security Risk Assessment.  Call {phone} or email us at {email} to learn more.