The Obama administration has promised to be tougher when it comes to enforcing HIPAA laws. This week a Maryland health service company gained the dubious honor of being the first company or entity to be assessed a Department of Health and Human Services CMP – Civil Money Penalty. And with that penalty assessed at $4.3 million, obviously this should be a sign to all connected with HIPAA transactions that yes, this administration does mean business.
Cignet Health failed to honor the access to medical records requests of 41 of their patients between September 2008 and October of 2009. The company’s failure to cooperate with the subsequent investigation by HHS OCR (Office of Civil Rights) officials earned them another $3 million in fines at the end of the day. According to the official press release about the matter it was the HHS’s position that Cignet had displayed a willful neglect to the basic privacy rules laid down by HIPAA.
“Ensuring that Americans’ health information privacy is protected is vital to our health care system and a priority of this administration,” Health and Human Services Secretary Kathleen Sebelius said in a statement.