To borrow from Longfellow’s poem:

Listen my children and you shall hear
Of the midnight ride of Paul Revere,

In this case, it isn’t a midnight ride but a late afternoon speech by Jerome B. Meites, a chief regional civil rights counsel at HHS, in Chicago.  Historians say Revere never uttered the famous phrase and neither did Meites specifically say the The fines are coming! The fines are coming!  However, Meites did speak during the American Bar Association’s Physicians Legal Issues Conference in June.  Included in his remarks were a few choice nuggets that have been reported on by those in attendance.  Notably, when referring to the fact that HHS has levied more than $10 million in fines over the last twelve months he said:

“Knowing what’s in the pipeline, I suspect that that number will be low compared to what’s coming up.”

He also mentioned the audit program is still expected to begin later this year which will include both CEs and BAs (one-third being BAs).

Finally, the same message we have heard since the 2012 pilot audits was, yet again, reiterated in his advice concerning HIPAA Compliance.  Failure to perform a complete and thorough risk analysis factored into the cases where breaches resulted in financial settlements instead of just a corrective action plan.

If your risk analysis hasn’t been done in the last couple of years, you attested for meaningful use already, or if it took you about an hour to do it, now is the time to heed the call and get a comprehensive one done sooner rather than later.

The people will waken and listen to hear
The hurrying hoof-beats of that steed,
And the midnight message of Paul Revere.

Filed under: HIPAA Tagged: Encryption, Enforcement, HIPAA, HITECH, Risk Analysis, Security Risk Analysis, Small Provider