28 Feb Virginia: Medical Malpractice – a Lawyer’s HIPAA
A healthcare provider’s violation of the Health Insurance Portability and Accountability Act of 1966 (“HIPAA”) may import medical malpractice liability to its patient. Significantly, a healthcare provider’s HIPAA violation increasingly may import administrative financial liability to the Federal government – and even criminal liability – regardless whether the patient pursues a medical malpractice claim.
Fines and penalties for HIPAA violations have increased significantly. For example, fines for willful negligence range from a mandatory minimum of $10,000.00 up to $50,000.00 per day for each HIPAA provision violated, plus violations “knowingly” also may be punished by imprisonment; hipaajournal.com highlights $26,000,000.00 in penalties, including 23 settlements from $125,000.00 to $4,500,000.00; and reportedly “even smaller physician groups have wound up in the enforcers’ crosshairs, with net settlements for hundreds of thousands of dollars”.
Further, hipaajournal.com publicizes that in 2015 the United States Department of Health and Human Services recommenced its random audit program for HIPAA violations. Under new rulemaking, its Office for Civil Rights (“OCR”) can audit a healthcare provider spontaneously, and plans to audit 350 healthcare organizations and 50 business associates in the coming year. Obviously, however, the probability of OCR auditing increases dramatically when a patient complains to it about HIPAA violation.