The potential issues and security in healthcare related businesses can't be overstated. This recent piece from medical group management Association highlights the issue. Marcum has extensive capabilities for assisting healthcare organizations with data security and making certain that data is HIPAA compliant.
A series of recent HIPAA settlements, including the largest to date ($4.8 million), highlights the increased risk that mobile and portable devices containing electronic protected health information present to physician practices. In April, two entities collectively paid the Office for Civil Rights (OCR) more than $1.9 million in settlement after an unencrypted laptop was stolen from one of its facilities. As reported last week, a new OCR report revealed over 700 major security breaches over a three year period, with the majority citing theft as the cause.
OCR fines can now total up to $1.5 million per HIPAA violation and the agency appears to be shifting to a more punitive enforcement approach. In the past six weeks alone, the agency has collected over $10 million in settlements. Mobile devices such as laptops, tablets, smartphones, and even data storage units such as USB drives, are all extremely vulnerable to loss and theft. This can result in significant breach reporting costs and in some cases automatically initiate an OCR investigation.