HHS' OCR in February began using the new fine structure mandated by HITECH and handed one of the country's most prestigious hospitals, Massachusetts General Hospital (MGH) in Boston, a $1 million penalty for a breach violation.
Organizations need to determine whether they have fully implemented the Security Rule. The HIPAA Security Rule has been around for a while, but many organizations have not implemented all of its requirements.
Here's one trend industry observers say healthcare organizations can expect to see now and in the future: heightened patient awareness and concern about the security of their private medical data.
With newfound authority, some state attorneys general (AG) are beginning to take aim at covered entities (CE) that run afoul of HIPAA's Privacy and Security Rules.
