2011 HIPAA Violations and Audits

For more information on HIPAA violations including violation types and associated penalties, specific HIPAA violation cases, and tips to avoid a HIPAA violation, visit What is a HIPAA Violation?


HIPAA Compliant Data Centers

Looking for more information on HIPAA IT requirements, recommendations, and the foundation of a secure HIPAA compliant data center?

Download our HIPAA Compliant Data Centers white paper now for a complete guide to HIPAA hosting with IT vendors.

Still have questions? Contact us or chat with us now. Find out more about our fully compliant, HIPAA hosting solutions, or submit a quote request for your project today.


HIPAA Audits and HIPAA Enforcement

Source: Ober & Kaler Attorneys at Law

With upcoming HIPAA Audits becoming an undeniable short-term reality, no health care organization can afford to overlook HIPAA compliance. The most recent major HIPAA violationby the University of California at Los Angeles Health System (UCLA) prompted a settlement of $865,000 for violating privacy laws by leaking celebrity medical data to the news media.

Earlier this year, Cignet Health was the recipient of a $4.3 million fine for refusing patient access to their medical data.As seen in HIPAA Violations above, the greatest number of HIPAA violations occur in the form of physical theft, including paper records and portable electronic devices (i.e., laptops).

The switch from paper records to an Electronic Medical Records (EMR) system is intended for increased protection of health information through technology – the use of firewalls, data encryption, access logs, etc. The federal EHR incentive program was created to supply funding for health care technology to accomplish a complete transition from paper to electronic record keeping and transmission.

However, electronic records can still be stolen (as seen in physical theft by laptop or other portable device). More and more health care organizations are eyeing server virtualization (aka cloud computing) and SaaS models of delivering health care related software to increase the protection of electronic protected health information (ePHI) by the use of firewalls, intrusion detection and prevention, access authentication and more.

The improved resiliency of cloud computing for backing up sensitive data and the applications that use them are also affording health care IT groups new ways to assure the availability of ePHI and related systems.

While public clouds present challenges to proving that sensitive data can be protected and highly-available, many health care related IT groups are accomplishing HIPAA compliance with private clouds. Unlike public clouds, private clouds use virtualization technologies within a dedicated and secure network.

When placed in a high-availability environment, these private cloud servers offer HIPAA compliant hosting for healthcare applications and patient data along with the cloud computing benefits of scalability, quick deployment and cost-savings.

Source: ComputerWorld.com

facebooktwittergoogle_pluspinterestlinkedinmail
This entry was posted in Cloud Computing, HIPAA Compliance and tagged , , , , , , , , , . Bookmark the permalink.

4 Responses to 2011 HIPAA Violations and Audits

  1. Pingback: Compliance, Disaster Recovery & Business Sustainability: Cloud Computing for Healthcare

  2. Pingback: Benefits of Private Cloud Computing: Compliant & Cost-Effective

  3. Pingback: OCR Audit Requirements Following a Self-Reported HIPAA Breach

  4. Pingback: 2011 SMBs and Disaster Recovery in the Cloud | Data Recovery Tulsa

Leave a Reply

Your email address will not be published. Required fields are marked *

*

* Copy This Password *

* Type Or Paste Password Here *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>