Illinois Provider Pays $31,000 HIPAA Settlement Due to Lack of BA Agreement | Healthcare Informatics Magazine | Health IT | Information Technology Skip to content Skip to navigation

Illinois Provider Pays $31,000 HIPAA Settlement Due to Lack of BA Agreement

April 21, 2017
by Heather Landi
| Reprints

The Center for Children’s Digestive Health has paid the U.S. Department of Health and Human Services (HHS) $31,000 to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule and agreed to implement a corrective action plan, according to HHS.

CCDH is a small, for-profit health care provider with a pediatric subspecialty practice that operates its practice in seven clinic locations in Illinois. 

HHS reports that in August 2015, the HHS Office for Civil Rights (OCR) initiated a compliance review of the Center for Children’s Digestive Health following an initiation of an investigation of a business associate, FileFax, Inc., which stored records containing protected health information (PHI) for the healthcare provider. While Center for Children’s Digestive Health began disclosing PHI to Filefax in 2003, neither party could produce a signed Business Associate Agreement (BAA) prior to Oct. 12, 2015, according to HHS. Additionally, neither party could produce a signed BAA prior to Oct. 2015, HHS stated.

HHS also has issued guidance regarding business associate agreements, which can be found here.

 

Get the latest information on Cybersecurity and attend other valuable sessions at this two-day Summit providing healthcare leaders with educational content, insightful debate and dialogue on the future of healthcare and technology.

Learn More

Topics

News

Survey: Greatest Impact of Blockchain will be in Medical Record Storage

According to a recent survey, 60 percent of respondents believe that blockchain’s greatest impact will be in the storage of medical records, including genomic data—the fastest growing dataset in the world.

AMIA Calls on HHS to Clarify Status of “Common Rule” Updates

The American Medical Informatics Association (AMIA) recently sent a letter to the heads of the Department of Health and Human Services (HHS) and Office of Management and Budget (OMB), seeking information on the Federal Policy for the Protection of Human Subjects, also known as the Common Rule.

AMA/KPMG Survey: Docs Still Frustrated by MACRA’s Complexities

A new survey of 1,000 practicing physicians who have been involved in practice decision-making related to MACRA’s Quality Payment Program (QPP) shows that fewer than one in four physicians who have begun to get ready for the program feel well prepared to meet its requirements in 2017.

Cardiac Monitoring Companies Will Pay $13.45 Million to Resolve False Claims Act Allegations

Companies involved in remote heart monitoring through the use of the Pocket ECG device have agreed to pay the Justice Department $13.4 million to resolve allegations that they violated the False Claims Act by billing Medicare for higher and more expensive levels of cardiac monitoring services than requested by the ordering physicians.

HHS Will Award $195 Million to Health Centers to Leverage Health IT

HHS announced the availability of $195 million in a new funding opportunity for community health centers to expand access to mental health and substance abuse services focusing on the treatment, prevention and awareness of opioid abuse in all U.S. states.

Senators Push for Timeline, Planning on VA-Cerner EHR Project

Three U.S. senators have written a letter to Veterans Affairs (VA) Secretary David Shulkin, M.D. and Defense Secretary James Mattis asking for a timeline for VA’s Cerner EHR project and for plans to ensure that the technology systems of the VA and DoD will be integrated.