Privacy Breaches Getting Costlier
August 21, 2013 by InTouch Health
With all the furor this summer over alleged NSA snooping and the resulting leaks, privacy is once again front-page news.
In the world of healthcare, HITECH legislation has dramatically increased the civil monetary penalties for HIPAA violations. In the past, the cost of a privacy breach topped out at $25,000. Now there’s a tiered-penalty system that levies fines up to $50,000 per violation – and up to $1.5 million for multiple violations. Ouch!
Your medical records could be in danger if HIPAA violations are present
The only way to reduce an organization’s culpability score is to show that a violation was unavoidable and involved no willful neglect. But that requires hiring high-priced lawyers who can document exactly what the organization did or didn’t do – which only adds to the expense.
The Affordable Care Act has increased funding for the Office of Inspector General’s oversight of healthcare violations, which means there are plenty of regulatory watchdogs out there, eager to spot lax security and possible HIPAA violations.
To make matters worse, we live in a digitally sneaky society, and hackers would love to get their hands on celebrities’ health records, which they could then tweet around the world. But the civil penalties are just as harsh for accidentally exposing a non-celebrity’s flu shot records.
The bottom line is: why risk a HIPAA privacy violation in the first place? In the realm of telemedicine, healthcare organizations that operate Skype-a-Doc programs on their own run an enormous risk. The wise choice is to work solely with technology partners with a proven record for keeping patient data safe and secure.
It all boils down to this: organizations that try to save money by designing their own telemedicine solution can wind up paying seven-figure fines as a result.