Government Mandates Could Cost Employers Huge Penalties
Philadelphia — Employers who ignore or are partially compliant with health care privacy issues could face greater government scrutiny and fines, says top Philadelphia attorney Christopher Ezold (www.ezoldlaw.com).
This new focus on compliance applies to the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the Health Information Technology for Economic and Clinical Health (HITECH) Act. HIPAA requires that a “covered entity” maintain the privacy of personal health information (PHI).
Covered entities can include health care providers, health plans and health clearing houses and their business associates. HIPAA does not apply to all employer-provided health insurance, but it does apply to employer-sponsored health plans and, therefore, to employers who sponsor those types of plans. A partner at Philadelphia-based The Ezold Law Firm, P.C., Christopher Ezold warns that while enforcement of PHI rules have been lax in the past, the U.S. Department of Health and Human Services (HHS) has recently imposed penalties of more than $1 million against companies found in violation of HIPAA.
For example, the Alaska Department of Health and Social Services agreed to pay a $1.7 million fine to settle possible violations. Blue Cross Blue Shield of Tennessee agreed to pay $1.5 million to settle potential HIPAA violations. Smaller employers have also found themselves on the receiving end of a HIPAA audit. This is a strong reminder for businesses to revisit their compliance programs.
The HHS’s Federal Office for Civil Rights (OCR) has stepped up HIPAA audits of “covered entities” that are subject to HIPAA. OCR has now begun levying significant monetary penalties for violations of HIPAA’s privacy rule. In practice, OCR is not interested in small fines; it has levied penalties in the hundreds of thousands and even millions of dollars for what appeared at first glance to be small issues, according to Ezold. The lesson here is that you should assume you are not a “covered entity” – you must ensure that you are not covered or, if you are covered, that you have met your obligations.
“If OCR comes knocking, you may be able to avoid significant liability by showing that you have engaged in a good faith attempt to meet your obligations,” says Ezold.
To protect yourself, hold an annual internal review to ensure that the privacy requirements are being met. OCR will not consider a once-and-done review to be sufficient; annual reviews provide better protection than merely doing an initial assessment. Ezold recommends:
• Designate a HIPAA compliance officer.
• Create privacy and security policies that comply with HIPAA and HITECH.
• Determine which employees have access to PHI.
• Limit access to PHI both operationally and in policy to those employees who “need to know.”
• Review physical and encryption security for PHI.
• Schedule annual reviews of policies, operations and regulations.
• Create annual risk analyses and security plans.
• Have policies in place regarding breaches of PHI security.
• Schedule annual computer network security reviews.
• Safeguard all physical/documentary PHI in a locked location.
• Create policies for reviewing and shredding old documents.
• Ensure that no one keeps PHI on any mobile digital device.
“Given that most businesses review their policies at the end of the year, this is an ideal time to have your counsel or compliance officer examine your own policies to ensure that you would not become an unfortunate victim of an OCR audit,” Ezold says. “A small investment in time now could prevent extremely painful repercussions down the road if you are not in compliance.”
Christopher Ezold is a partner at The Ezold Law Firm, P.C., a Philadelphia-based boutique law firm focusing on business, employment and health care law. Mr. Ezold has a L.L.M. in Taxation from the Villanova University School of Law, including a Certificate in Employee Benefits, serves as General Counsel to the Main Line Chamber of Commerce and is the past chair of the Board of Directors of the Magellan Leadership Group. Mr. Ezold is licensed to practice law in Pennsylvania, Delaware and New Jersey.
About Galileo Communications Inc.: Galileo Communications, Inc. provides public relations and publicity services. Also available on a limited basis for copywriting of direct mail packages, sales letters, brochures, white papers, ads, e-mail marketing campaigns, PR materials and Web pages.
2040 Fairfax Avenue
Cherry Hill, NJ 08003
This release was published on openPR.
Permanent link to this press release:
Please set a link in the press area of your homepage to this press release on openPR. openPR disclaims liability for any content contained in this release.
You can edit or delete your press release Government Mandates Could Cost Employers Huge Penalties here
News-ID: 248085 • Views: 1948
More Releases from Galileo Communications Inc.
Supply Chain Expert Tom Bonkenburg Speaks on the Future of Robotics
Contact: Tom Peric 856-874-0049 email@example.com St. Onge Co. Expert Reveals Opportunities for the New Wave of Robotic Systems Entering the Marketplace York, Pa. – St. Onge Co.’s (www.stonge.com) Tom Bonkenburg will present a keynote presentation on how robotics will impact the world of warehousing, logistics, distribution and material handling at Supply Chain World North America, April 8 to 10, 2013 at the Hilton St.Louis at the Ballpark in St.Louis, MO. His presentation, “A Look
Mission MMA Opens Doors of New Location in Westmont, NJ
America’s Fastest Growing Sport, Mixed Martial Arts, Adds Ultimate Fighting Championship (UFC) Veteran Waylon Lowe to Mission MMA Staff Westmont, N.J. — Led by chief instructors Bill Scalia and Rob Dell’Aquila, South Jersey’s leading mixed martial arts (MMA) gym, Mission MMA, has opened the doors to its new 4,600-square-foot location at 107 Haddon Ave., Westmont NJ, to offer MMA, cardio and conditioning classes to South Jersey. Joining them will be professional mixed
Maiden Media Group Certified as Minority Business Enterprise in Philadelphia
Philadelphia-Based Marketing Company Adds to Growing Trend of Minority-Owned Businesses Philadelphia — Maiden Media Group (maidenmediagroup.com), a strategic creative marketing company, announces it has received certification as a minority-owned business with the Philadelphia Minority Business Enterprise Council (MBEC). The MBEC works with the Philadelphia business community to build internal and external alliances with minority businesses, the city of Philadelphia, and private industries. It helps develop strong, mutually beneficial relationships
The Johnny M Foundation Holds Second Annual Fundraising Gala
Ribbons Express Sponsors Event to Complete Purchase of “Johnny’s House,” A Home for Cancer Respite Patients Cherry Hill, NJ — The Johnny M Foundation (www.johnnymfoundation.org), an organization dedicated to improving the lives of children whose families face adverse circumstances, is sponsoring its annual gala fundraising event to benefit “Johnny’s House.” The gala is Friday, Oct. 12, 2012, from 7:30 p.m. to 1 a.m., at the Westin Hotel, 555
More Releases for Ezold
Christopher Ezold Advocates Close Examination of the Upcoming Quarterly 401(k) R …
Philadelphia, PA - If that 401(k) retirement fund that you pay into each pay period is not growing as fast as you like, it might be because of hidden fees no one really explained to you. New rules will require disclosure of those hidden fees, which can add up to sizeable figures, especially in light of the 72 million Americans who participate in 401(K) type retirement plans. "This rule provides