In a Notification of Enforcement Discretion Regarding HIPAA Civil Money Penalties issued on April 23, 2019, the Department of Health and Human Services (HHS) exercised “its discretion in how it applies HHS regulations concerning the assessment of Civil Money Penalties (CMPs) under the Health Insurance Portability and Accountability Act of 1996 (HIPAA), as such provision was amended by the Health Information Technology for Economic and Clinical Health (HITECH) Act” to reduce the maximum annual fines it will impose for HIPAA violations.… More
Tag Archives: CMP
Compliance Approaches in the Changing HIT Privacy and Security Landscape: How You Can Nurture a Culture of Health Information Security and Privacy
My slides from this presentation, "Compliance Approaches in the Changing HIT Privacy and Security Landscape: How You Can Nurture a Culture of Health Information Security and Privacy" cover HIPAA and HITECH developments and compliance, with a focus on breaches and OCR settlements/penalties, including:
- §Resolution Agreement with Providence Health & Services–July 16, 2008
Settlement: $100,000 - §Resolution Agreement with CVS Pharmacy,…
HHS Fines Cignet Health $4.3 Million for HIPAA Violations
Earlier today, the U.S. Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) issued a Notice of Final Determination finding that Cignet Health of Prince George’s County, Md., (Cignet) violated the Privacy Rule of the Health Insurance Portability and Accountability Act of 1996 (HIPAA). HHS imposed a civil money penalty (CMP) of $4.3 million for the violations, representing what OCR said was "the first CMP issued by the Department for a covered entity’s violations of the HIPAA Privacy Rule." … More