Select Page

In early 2018, the U.S. Department of Health and Human Services’ Office of Civil Rights (OCR) cycled through multiple health privacy enforcement heads over a 4-month span. Despite this turnover, OCR tallied $28.7 million from its completed HIPAA enforcement actions in 2018 -an all-time record that easily surpassed the prior record of $23.5 million from 2016.

US HHS OCR set a record in dollar amount from enforcement actions in 2018

Everyone is fair game

And it’s not like OCR only targeted big fish, either. While Anthem ($16 million, record-setting settlement) is certainly was a big fish, OCR settled with Filefax, Inc., a bankrupt shredding company, for $100,000 and Allergy Associates of Hartford, a 3-physician practice, for $125,000.

While OCR successfully imposed enforcement action on 10 organizations, that does not account for the number of organizations that were investigated. Remember, even small practices and defunct business associates are fair game for OCR enforcement as we learned from 2018. Because of the potential for hefty penalties, an OCR investigation is one headache you would like to avoid, if possible.

Maintain a healthy compliance program

How can you stay out of OCR’s metaphorical jail cell (or even a literal jail cell)? A healthy, robust compliance program is the key. At Eagle Consulting Partners, we offer a wide variety of HIPAA compliance and risk management services, such as HIPAA Risk Assessments (or Risk Analyses), Risk Management retainers, and custom HIPAA policies and procedures. Click here to contact us!

 

REFERENCES:

About Jacob Overdorff

Jacob Overdorff, Consultant for Eagle Consulting

Jacob is a consultant at Eagle Consulting with a legal background and strong focus on HIPAA-Compliance obligations.  He graduated from University of Akron School of Law in 2015, has worked as a law clerk for the International Institute of Akron, and brings research, client service, and management skills to the team.

Pin It on Pinterest