Subcontractor snoops on patient records
October 3, 2013 in Medical Technology
This should have come as no surprise to BAs, said Office for Civil Rights Director Rodriguez.
“We have been clear for a very, very long time now with the business associates about the fact that they will become directly accountable under the regulations, that they should begin taking all the necessary steps to amend, if necessary, their policies and procedures and practices to come fully into compliance with these obligations,” he said in an interview with Healthcare IT News.
[See also: Unencryption at core of HIPAA breach.]
OCR has received some 80,000 complaints regarding HIPAA violations since 2003. Sixteen of those have resulted in hefty monetary penalties.