Skip to main content
close search
site logo
Dive Brief

Aggressive enforcement of privacy breaches on the horizon

Published June 19, 2014
By
Judy Packer-Tursman Contributing Editor

Dive Brief:

  • HIPAA fines are expected to significantly increase over the next 12 months, with HHS starting a new round of HIPAA audits soon, according to a National Law Review report.
  • Audits will be conducted later in 2014 on some of the 1,200 companies identified earlier this year as potential audit candidates. Included in HHS's extensive audit strategy: 800 covered entities (healthcare providers, insurers or clearinghouses) and 400 business associates.
  • A federal lawyer recently told an American Bar Association conference the HHS Office of Civil Rights wants to send a strong message to the industry through high-impact cases concerning privacy rights. A huge number of HIPAA cases deal with personal mobile devices, he said, and most data breach cases resulting in financial settlements arise from an entity's failure to conduct a comprehensive risk assessment, as required by HIPAA.

Dive Insight:

HHS has recovered more than $10 million in connection with alleged violations of the Health Insurance Portability and Accountability Act from numerous U.S. healthcare entities since mid-2013 alone, according to the National Law Review. Yet the chief regional civil rights counsel for HHS said that the past 12 months' enforcement will pale in comparison to the next 12 months.

In April, HHS unveiled details of round two of its HIPAA auditing, in which covered entities and their business associates are subject to audits. The latter may be penalized up to $1.5 million per violation. 

The attorney writing the NLJ article said "simply knowing that such plans are in place is not enough, and entities subject to HIPAA should begin to examine their own policies and practices and make changes as needed."

Taking action makes sense not just because of HIPAA auditors. Cybersecurity experts warned at a Washington Business Journal event June 12 that cyberthreats across the U.S. are rapidly outpacing the ability to combat threats. And the problem's scope extends beyond stealing data and leaving: attackers may be able to shut down power or connectivity.  

Recommended Reading

Editors' picks

Company Announcements

View all | Post a press release
AMPS to Spotlight ClaimInsight at CAHP 2025, Delivering a Smarter Future for Payment Integrity…
From Advanced Medical Pricing Solutions (AMPS)
August 21, 2025
Advanced Medical Pricing Solutions (AMPS) logo
Expion Health Earns Spot on 2025 Inc. 5000 List of America’s Fastest-Growing Private Companies
From Expion Health
August 14, 2025
Expion Health logo
Collette Health Partners with Virtual Nursing Pioneer Dr. Bonnie Clipper to Advance Industry-L…
From Collette Health
August 06, 2025
Collette Health logo
Availity and Onyx Launch Comprehensive CMS-0057 Compliance Platform for Health Plans Powered b…
From Availity
August 06, 2025
Availity logo
Editors' picks
Latest in Hospitals
Industry Dive is an Informa TechTarget business.
© 2025 TechTarget, Inc. or its subsidiaries. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell
This website is owned and operated by Informa TechTarget, part of a global network that informs, influences and connects the world's technology buyers and sellers. All copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. TechTarget, Inc.'s registered office is 275 Grove St. Newton, MA 02466.