This time, a dental office in Texas was assessed a $10,000 HIPAA fine because information was improperly disclosed in response to a Yelp review. I know it can be frustrating to have negative online reviews, and you want to respond and support/protect your clinic – but unfortunately, there are items you cannot say, especially in the online world! Like it or not – it is the REALITY! Read more about responding to Yelp reviews in my article “An Expert’s Guide to Patient Privacy and Online Reviews.”
“It’ll Never Happen to my Organization”
In my many years of consulting in the healthcare privacy and security space, I hear it all the time:
The reality is if you are a HIPAA covered entity, you must comply with the HIPAA regulations. The last 2 HIPAA enforcement fines have taught us that you MUST get your HIPAA Compliance Program in order. Both of these latest fines have shown that small data breaches (less than 10 individuals impacted) have the potential to get a HIPAA fine assessed. There are no more excuses, no more “I didn’t know,” no more “it won’t happen to my organization.”
It is important to remember that HIPAA compliance is more than providing an annual staff training or creating and posting a Notice of Privacy Practices. It is about developing a HIPAA program that is supported by policies, procedures, and practices to show you are serious about protecting the information that your patients provide to you.
Dental Office Pays $10,000 for HIPAA Violation
In the most recent HIPAA enforcement fine, the dental office was investigated because a patient complained (they have that right under HIPAA) that their protected health information was improperly disclosed in a response to a Yelp review. The dental practice in this example isn’t a large organization; it is actually a one-provider dental office located in Dallas, Texas.
Besides the HIPAA Fine, the Dental Practice has to take some drastic steps to get their HIPAA Compliance up to date AND get it approved by the federal government:
Wow, that is a lot of important steps to take, and they are time-consuming and cost-prohibitive for the practice BESIDES the $10,000 fine.
We have created a FREE HIPAA Training Acknowledgement Form for your workforce to complete after HIPAA training. All workforce members should complete this once they have finished HIPAA training.
What we have learned from the last 2 OCR HIPAA Enforcement penalties: Patients have a right to have their information protected by your organization. In the event that a patient feels that the information provided was not properly protected, they have a right to complain to the OCR. The OCR may open an investigation, which can result in a corrective action plan or a fine with a corrective action plan. Don’t let this happen to your organization; focus your organization on getting into HIPAA Compliance now!
Danika