• Magazine
    • Past Issues
    • Subscribe
    • Change Mailing Address
    • Surveys
    • Guidelines for Authors
    • Editorial Calendar
    • Editorial Deadlines
    • Dynamic Chiropractic
      • Newspaper
      • Subscription
    • The American Chiropractor
      • Magazine
  • Practice
    • Business Tips
    • Chiropractic Schools
    • Clinical & Technique
    • eBooks
    • eCourses
    • Sponsored Content
    • Infographics
    • Quizzes
    • Wellness & Nutrition
    • Personal Growth
    • Podcast
    • Coronavirus (COVID-19)
  • Resource Centers
  • Products & Services
    • Buyers Guide
    • Products Directory
    • Submit a Product
    • Vendor Login
  • Datebook
    • Become an Events Poster
    • Post an Event
    • View Events
  • Jobs
    • Jobs
    • Post a Job
  • Advertise
    • Advertising Information
    • Media Kit
    • Contact Us

Your Online Chiropractic Community

Chiropractic Economics Your Online Chiropractic Community
Subscribe
  • Home
  • Current Issue
  • News
  • Webinars
  • Chiropractic Research
  • Students

HIPAA violations: Enforcement and consequences

Chiropractic Economics December 5, 2014

CE_investigateBy Dava Stewart

Anyone working in a sector of the healthcare industry is familiar with the Health Insurance and Portability and Accountability Act (HIPAA). The mammoth law has three main parts: the Privacy Rule, the Security Rule, and the Breach Notification Rule, and “covered entities”—including doctors of chiropractic—are required to adhere to these rules, according to the U.S. Department of Health and Human Services.

For many clinicians and their staffs, understanding exactly what compliance entails has meant training, extensive study, and perhaps even hiring a third party to assess risk. Most DCs and their staffs are up to speed on the subject, but what some may not know is how the rules laid out in HIPAA are enforced and what the consequences of violation are.

The Office for Civil Rights (OCR) is the entity responsible for enforcing the three parts of HIPAA. The two main ways it enforces the Privacy and Security Rules is to investigate complaints and to conduct compliance reviews. The OCR also conducts educational outreach programs to help covered entities understand the rules and remain in compliance.

When the OCR receives a complaint, the first step is intake and review. If a criminal violation is suspected, the OCR works with the Department of Justice (DOJ) to carry out an investigation; however, if a non-criminal violation is a possibility, the OCR completes an investigation.

There are several reasons an investigation would not be carried out:

• The possible violation did not occur after April 14, 2003 (the date the OCR began accepting complaints).

• The complaint was not filed within 180 and an extension was not granted.

• The entity is not covered by the Privacy Rule.

• The incident described does not violate the rules.

If the OCR (and/or DOJ) does carry out an investigation, there are several possible outcomes:

• No violation occurred.

• The entity voluntarily complies, the OCR takes corrective action, or other agreement is reached.

• The OCR issues a formal finding of violation.

Resolution agreements and civil money penalties are two possible outcomes when the OCR finds a covered entity to be in violation. According to the Health and Human Services website,

“A resolution agreement is a contract signed by HHS and a covered entity in which the covered entity agrees to perform certain obligations (e.g., staff training) and make reports to HHS, generally for a period of three years. During the period, HHS monitors the covered entity’s compliance with its obligations. A resolution agreement likely would include the payment of a resolution amount. These agreements are reserved to settle investigations with more serious outcomes. When HHS has not been able to reach a satisfactory resolution through the covered entity’s demonstrated compliance or corrective action through other informal means, civil money penalties (CMPs) may be imposed for noncompliance against a covered entity. To date, HHS has entered into 21 resolution agreements and issued CMPs to one covered entity.”

The idea of an investigation is uncomfortable, but it’s important to note that an investigation doesn’t always have a negative outcome. Keeping your practice in compliance, your staff well-versed in exactly what compliance means, and all records in order are the best means of insuring any investigation will show that you are within the bounds of the law.

Related Posts

  • DCs invited to participate in PBRN researchDCs invited to participate in PBRN research
  • Wellness chiropractic positioning itself for a surgeWellness chiropractic positioning itself for a surge
  • Study finds opportunities for integration of doctors of chiropractic into U.S. private sector health-care facilitiesStudy finds opportunities for integration of doctors of chiropractic into U.S. private sector health-care facilities
  • Sherman College of Chiropractic names Chiropractor of the Year, Regent of the YearSherman College of Chiropractic names Chiropractor of the Year, Regent of the Year
  • NBCE hosts student leadership forumNBCE hosts student leadership forum
  • Wave of U.S. Physicians Planning to Adopt Electronic Medical Records, Accenture Report FindsWave of U.S. Physicians Planning to Adopt Electronic Medical Records, Accenture Report Finds

Filed Under: Practice Management Software, Resource Center

Current Issue

CE issue 2 cover

Follow Us

  • Facebook
  • Twitter
  • Instagram
  • LinkedIn
  • YouTube logoYouTube logoYouTube

Compare Subscriptions

Dynamic Chiropractic

The American Chiropractor

3948 3rd Street South #279,

Jacksonville Beach, FL 32250

Phone 904.285.6020

CONTACT US »

Privacy Policy & Terms of Service

Copyright © 2021, All Rights Reserved

SUBSCRIBE TO THE MAGAZINE

Get Chiropractic Economics magazine
delivered to your home or office. Just
fill out our form to request your FREE
subscription for 20 issues a year,
including two annual Buyers Guides.

SUBSCRIBE NOW »

Latest Chiropractic News

  • Doctors of Chiropractic in the News: Community service and Olympic-level care
  • Foundation for Chiropractic Progress’ Podcast Wins Gold in the AVA Digital Awards
    Foundation for Chiropractic logo
  • Foot Levelers Names Jamie Greenawalt as President, Signifies a New Era of Growth for the World’s Leading Provider of Flexible Custom-Crafted Orthotics