The Standards for Privacy of Individual Identifiable Health Information (Privacy Rule) creates a set of national standards for the protection of targeted health information. Specifically individual’s health information known as “protected health information” by organizations subject to the Privacy Rule called covered entities as well as standards for individuals’ privacy rights to understand and control how their health information is used. Within HHS, the Office for Civil Rights (OCR) has responsibility for implementing and enforcing the Privacy Rule with respect to voluntary compliance activities and civil money penalties.
The primary goal of the Privacy Rule is to assure that individuals’ health information is properly protected while allowing the flow of health information needed to provide and promote high quality health care and to protect the public’s health and well being.
Key Points of the HIPAA Privacy Rule
The Office of Civil Rights (OCR) investigates HIPAA violations and can charge $100 – 50,000 per violation. That gets capped at $1.5 million for multiple violations. The charges are harsh to help ensure that data is safe and companies are following the HIPAA rules. Sonte Consulting can significantly reduce your organizations exposure to punitive damages due to HIPAA/HITECH violations.