HIPAA Security - Avoiding Penalties


The Health Insurance Portability and Accountability Act (HIPAA) for Security has been around since 2002. It has been updated with the HIPAA Omnibus. This video helps the audience understand aspects of the security related HIPAA aspects that can cause a significant fine. The video also provides tips on avoiding these fines.

HIPAA Omnibus Highlights

  • The final rule expands patient rights by allowing them to ask for a copy of their electronic medical record in electronic form.
  • Penalties for noncompliance with the final rule are based on the level of negligence with a maximum penalty of $1.5 million per violation.
  • The final rule changed what incidents are exceptions to the definition of "breach." Before, an incident was an exception to the definition of breach if the PHI used or disclosed a limited data set that did not contain any birthdates or ZIP codes. Under the final rule, breaches of limited data sets — regardless of their content — must be handled like all other breaches of PHI.