What to Expect and How to Prepare: Healthcare Security & Privacy Regulation and Enforcement in 2015 and Beyond

Enforcement of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) has been on the rise over the last several years.  The United States Department of Health and Human Services Office for Civil Rights (“OCR”), the agency responsible for HIPAA enforcement, boasted record-breaking recoupments and settlements in 2014.  For 2015, it appears OCR’s intentions for robust enforcement are not waning.  Although the HIPAA regulations are broad and far-reaching, OCR appears to be focusing its efforts in particular areas, including cybersecurity and business associate agreements.  OCR plans to review organizations’ policies and procedures to ensure they comply with current regulations.  Now is the time to review your policies and procedures to ensure that they are up-to-date and operating effectively within your organization.

The OCR website offers various tools for implementing appropriate policies and procedures and ensuring that your organization is effectively complying with HIPAA.

Additionally, this 2015 HIPAA Presentation offers a brief overview of key areas that health care organizations should review to ensure their current policies and procedures are as effective as possible.

Carrie Gilbert is an attorney practicing in the Northern Kentucky office of the firm.