Recent HIPAA Fine Is Reminder: Protect Health Records

Does $865,000 seem like a lot of money to you?

That’s how much the UCLA Health System recently agreed to pay in order to settle potential violations of the HIPAA Privacy and Security Rules. UCLA will also have to come up with an action plan to put their system in compliance with those rules, as part of the settlement.

The original complaints stemmed from unauthorized employee access to electronic protected health information of patients. An investigation found that records were repeatedly accessed improperly, leading to the $865,000 settlement in early July.

OCR, the federal office overseeing HIPAA, has been cracking down on organizations that violate HIPAA rules, including another recent $1 million settlement with Massachusetts General Hospital.

Every business with employees is likely to manage records that are subject to HIPAA rules. If you know what you have and are properly protecting those files according to HIPAA, you should feel fairly confident that you’re safe from such litigation. If not, let this hard lesson for UCLA Health Systems be a reminder to get your health records in check–before your business faces a hefty fine from OCR.

My company, BIS, manages HIPAA-protected records for numerous health care organizations in the greater Cincinnati area. If you have questions or concerns about your business’ health care records management, please contact me. We’re happy to help ease your HIPAA worries.