Fines

Even though HIPAA regulations do not require that you have a network diagram, TLD Systems does recommend all our clients use a network diagram. By using a network diagram you will not only be able to identify issues or breaches, but also should you have a breach it is evidence that you are taking the steps to protect your practice and ePHI to the best of your ability. With this evidence you can reduce or even eliminate possible sanctions because of a breach.

A New York City Neurology Practice, Comprehensive Neurology PC has settled an alleged HIPAA violation for $25,000

When we discuss HIPAA most of the articles have been on security and breaches, but HIPAA goes well beyond privacy and Security.  One aspect of the HIPAA rule is the “Right of Access”.   OCR (The Office for Civil Rights – the branch of HHS the enforces HIPAA) is enforcing this law even more strongly since the 21 Century Cures Act was published.  OCR has begun to levy fines against organizations that are in violation of the “Right of Access” rule.