As a healthcare professional, you are responsible for your patients. Not only are you responsible for helping them, you’re also expected to comply with all federal regulations, such as HIPAA.
While every day is business as usual, imagine if one day everything drastically changed. Here are two hypothetical scenarios that could happen:
Scenario 1: You walk into your office one morning to discover your computer network was breached. Not only was your company’s data exposed, but your patients’ information was also compromised. On top of that, your practice is now on the HIPAA breach list. Now, your current clients, potential clients, and everyone in the country can see your company’s name published on the list.
Scenario 2: Your waiting room is bursting with patients, you’re in the middle of a routine exam, and suddenly a team of FBI agents storms through your doors. The FBI agents raid your practice, serve you with a warrant or subpoena, and seize boxes of your files and records, or even your computers and hard drives! When the government gets involved in your practice, that means you might be in serious trouble.
You might believe that neither of these scenarios could come true. Maybe you think these events couldn’t happen to you because your practice is “too small” or things “like that” don’t happen around here. Did you know that a few practices in Rhode Island and Massachusetts were recently raided by FBI agents?
HIPAA and the Government
Understanding HIPAA regulations is confusing and overwhelming. Many healthcare professionals are familiar with the patient privacy and data protection side of HIPAA. However, HIPAA also provides funding to investigate potential healthcare fraud and abuse. With this funding, the Department of Health and Human Services’ Office of the Inspector General and the Department of Justice conducted fraud investigations in practices across the country.
Originally, the government focused on large healthcare organizations, but shifted its focus to also include smaller practices. Whether your PHI isn’t properly protected or you made an error in your billing and coding, you could be noncompliant.
The consequences of noncompliance can be severe. They can include anything from fines to even more serious penalties that could bring down your entire practice. If your practice is suspected of healthcare fraud, your punishments can include civil fines, criminal penalties, and exclusion from Medicare and Medicaid programs. Even a slight error in using your DBA name instead of your corporate name could raise some red flags and launch a search.
You will be investigated and questioned about your actions and intentions. If your answers are inadequate, you could be found liable and face serious fines and lawsuits. Claiming you didn’t know or that it was an accident is not an acceptable defense. At the end of the day, the government has the final say on whether you made a mistake or intentionally committed fraud.
Penalties for being noncompliant with HIPAA regulations can be serious. Depending on the severity of the infractions, you could be required to pay fines ranging from $100 to $50,000 per violation or record. The maximum penalty amount is $1.5 million per year for each violation.
Could you afford to pay those fines? Could your practice afford to have that negative publicity?
When it comes to protecting your practice, you need to know, without any lingering doubts, that you are doing everything you can to ensure your practice is HIPAA compliant.
Is Your Practice Compliant?
Now more than ever, smaller practices need assistance with their compliance if they want to avoid trouble with the government. Are you uneasy, or do you believe you need assistance becoming compliant? We can help!
At IT Support RI, we specialize in helping healthcare practices make sense of their IT and HIPAA. We currently support a variety of clients in the healthcare field. Navigating the waters of HIPAA Compliance can be tricky for even the most experienced compliance officer. We provide monthly reporting and assist in annual audits to make your job easier. Plus, our entire staff is HIPAA certified, so you can rest assured that every recommendation we make has HIPAA in mind.
Our technicians can help keep your practice safe, secure, and compliant. Stop worrying about your IT security and start focusing on your patients. To learn more about IT Support RI, visit www.ITsupportRI.com/optometrists or www.ITsupportRI.com/Hipaa-Compliance-RI.