HIPAA Breaches

HIPAA Breaches on the Rise Under Trump Administration


Please support Telehealth.org’s ability to deliver helpful news, opinions, and analyses by turning off your ad blocker.

According to the Department of Health and Human Services (HHS) Office for Civil Rights (OCR), there have been 66% more HIPAA breaches since the start of 2017 than reported in all of 2016.

OCR lists all Meaningful Breaches on the Breach Report Portal, otherwise known as the OCR Wall of Shame. Since the start of 2017, there have been 221 breaches reported that constitute a HIPAA violation, versus 133 for all of 2016. With three months left of the year, that percentage is only going to become more significant by the end of 2017.

HIPAA regulation classifies a Meaningful Breach as a data breach affecting more than 500 individuals. As per the HIPAA Breach Notification Rule, Meaningful Breaches must be reported to HHS OCR no later than 60 days after their discovery. Health care organizations experiencing a Meaningful Breach may also be required to inform local news media and local authorities about the HIPAA breach upon discovery as well.

So far, HIPAA fines have reached $17.1 million since the start of 2017. Compare that to $23.5 million in 2016, and just $6.2 million in 2015.

Newly appointed Trump Administration OCR Director, Roger Severino, has indicated that the agency has set its sights on continuing to enforce HIPAA compliance violations.

Severino was quoted in early September, saying that: “At most I will say the big, juicy case is going to be my priority and the methods for us finding it–stay tuned.” All indications point to a continuation in the historically uncharacteristic HIPAA fines and settlements that have come to characterize the past four years of HIPAA enforcement.

Severino went on to say that: “Just because you are small doesn’t mean we’re not looking and that you are safe if you are violating the law. You won’t be.”

Stringent enforcement tactics, combined with a marked 66% increase in Meaningful Breaches sets the stage for more HIPAA fines in the future. The Trump Administration has continued the momentum behind this new wave of regulatory strictness, and all signs indicate that they’re going to get even worse by the time 2017 reaches a close.

Basic Telehealth Legal & Ethical Rules: HIPAA, Privacy, Working Across State Lines, Malpractice Insurance

Bring your telehealth practice into legal compliance. Get up to date on inter-jurisdictional practice, privacy, HIPAA, referrals, risk management, duty to warn, the duty to report, termination, and much more!

Disclaimer: Telehealth.org offers information as educational material designed to inform you of issues, products, or services potentially of interest. We cannot and do not accept liability for your decisions regarding any information offered. Please conduct your due diligence before taking action. Also, the views and opinions expressed are not intended to malign any organization, company, or individual. Product names, logos, brands, and other trademarks or images are the property of their respective trademark holders. There is no affiliation, sponsorship, or partnership suggested by using these brands unless contained in an ad. We do not and cannot offer legal, ethical, billing technical, medical, or therapeutic advice. Use of this site constitutes your agreement to Telehealth.org Privacy Policy and Terms and Conditions.

Notify of
Inline Feedbacks
View all comments
Would love your thoughts, please comment.x