Banner Health agrees to pay $200k to resolve likely HIPAA violations
The U.S. Division of Health and Human Products and companies Situation of enterprise of Civil Rights launched on Tuesday that Banner Health had agreed to pay $200,000 to resolve likely violations of the HIPAA Privacy Rule’s honest of procure admission to frequent.
The Phoenix, Arizona-primarily primarily based entirely successfully being draw operates 30 hospitals, along with to to its loads of main care, urgent care and specialty care products and companies. It had been accused of failing to present participants procure admission to to their scientific records in a successfully timed fashion.
WHY IT MATTERS
HIMSS20 Digital
Be taught on-inquire of, assemble credit, safe merchandise and alternatives. Salvage Began >>
In accordance to an announcement, OCR had got two complaints regarding Banner Health’s affiliated covered entities.
In the principle, a person claimed that she had requested procure admission to to her scientific records in December 2017 and didn’t procure them except Can also unbiased 2018.
In the 2nd, a person acknowledged that it took except February 2020 for a Banner Health affiliate to ship an electronic reproduction of his records that he requested in September 2019.
“OCR’s investigations obvious that Banner Health ACE entities’ failure to present successfully timed procure admission to to the requested scientific records were likely violations of the HIPAA honest of procure admission to frequent,” well-liked the clicking originate.
Banner also agreed to undertake a corrective motion understanding that functions two years of monitoring.
THE LARGER TREND
The settlement is the 14th motion in OCR’s Simply of Salvage admission to Initiative, whereby the company promised to “vigorously set up in drive” the rights of patients to procure successfully timed copies of their scientific records with out being overcharged.
Most recently, this past month, a Georgia-primarily primarily based entirely enlighten Elite Essential Care agreed to prefer corrective actions and pay $36,000 to resolve a doable violation of the HIPAA Privacy Rule.
As Healthcare IT News‘ Mike Miliard reports, the enforcements reach on the heels of proposed rulemaking from OCR that can overhaul some aspects of the HIPAA Privacy Rule. The company’s likely modifications embody shortening covered entities’ required response time to no later than 15 calendar days (from the new 30 days), clarifying the shape and structure required for responding to requests for safe successfully being recordsdata, requiring covered entities to uncover patients about their honest to procure or to mutter copies of PHI to a third event when a summary of PHI is equipped in lieu of a duplicate, and reducing the id-verification burden on participants exercising their procure admission to rights.
ON THE RECORD
“This main resolution of the year indicators that our Simply of Salvage admission to Initiative is aloof going stable and that suppliers of all sizes must admire the honest of patients to fill successfully timed procure admission to to their scientific records,” acknowledged OCR Director Roger Severino.
Kat Jercich is senior editor of Healthcare IT News.
Twitter: @kjercich
Healthcare IT News is a HIMSS Media e-newsletter.