Conversations about the future of federal regulations such as HIPAA enforcement have been growing in the months since President Trump has assumed office.
With executive orders calling for limitations on existing regulations and a halt to the creation of new ones, health care professionals across the industry have been pondering the fate of the Health Insurance Portability and Accountability Act–or HIPAA.
The regulation has been in place since 1996, and since then HIPAA has undergone significant revisions and addendums.
HIPAA is comprised of a set of federal standards that outlines privacy and security measures that must be in place to safeguard health care data. The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) is the overseeing body. Tom Price has been appointed the Secretary of HHS and Roger Severino was recently named the new Director of OCR.
But what is the current status of HIPAA enforcement under the Trump Administration?
HIPAA enforcement Under Trump
Since the start of 2017, there have been over $11 million in HIPAA fines. These fines were levied against various players in the health care market for violations of the Privacy, Security, and Breach Notification requirements of HIPAA regulation.
The fines are as follows:
- January 9, 2017: $475,000 levied against Presence Health for lack of timely breach notification
- January 18, 2017: $2.2 million levied against MAPRE for mishandling ePHI
- February 1, 2017: $3.2 million levied against Children’s Medical Center of Dallas for security violations
- February 16, 2017: $5.5 million levied against Memorial Healthcare System for improper audit controls
That brings the fine total to $11,375,000 since the start of 2017 alone. Compare that to the $23.5 million levied in all of 2016 and the $6.2 million in all of 2015.
It’s yet to be determined whether the trend will continue, but so far HIPAA enforcement efforts have actually been more extensive under Trump than during the Obama Administration. With a 400% increase in fines between 2015 and 2016, this year is set to be the most expensive for HIPAA fines since the regulation was first enacted.
Political focus around HHS has been primarily centered on health insurance reform. Because of that, a massive shakeup through the rest of HHS does not seem likely.
HIPAA enforcement doesn’t seem to be going anywhere in the years ahead. That’s why it’s more important now than ever before to address your behavioral health practice’s compliance to save yourself from these growing number of fines.
Basic Telehealth Legal Issues: Rules, Regulations & Risk Management
Bring your telehealth practice into legal compliance. Get up to date on inter-jurisdictional practice, privacy, HIPAA, referrals, risk management, duty to warn, the duty to report, termination, and much more!