Questions? Feedback? powered by Olark live chat software HIPAA settlement - Insurance company pays $3.5M - eMedics

Welcome to eMEDICS! your IT partner for Patient Management

Opening Hours : Monday to Friday - 9am to 5pm
  Contact : +44 74 58 03 89 49

icon form keyboard hipaa

HIPAA settlement – Insurance company pays $3.5M

Sees HIPAA as ‘an opportunity to strengthen privacy policies’

Jessica Davis, Associate Editor
Jessica Davis is Associate Editor of Healthcare IT News.

Triple-S Management Corporation has agreed to settle potential HIPAA violations with the U.S. Department of Health and Human Services’ Office of Civil Rights to the tune of $3.5 million, after repeatedly failing to put safeguards in place for its beneficiaries’ PHI.

In addition, the San Juan, P.R.-based insurance holding company will implement a robust corrective action plan to correct its HIPAA compliance deficiencies, an effort that’s already been initiated.

OCR has offered technical assistance to help with the corrective plan and will continue to work with the OCR to gain HIPAA compliance.

To obtain good-standing, Triple-S must create a risk analysis and risk management plan; a process to evaluate and address environmental or operational changes affecting PHI security; policies and procedures to facilitate HIPAA compliance and a training program for all TRIPLE-S workforce and business associates.

“Triple-S is committed to protecting the privacy and security of its beneficiaries’ health information and implementing the corrective action plan entered into with OCR,” said TRIPLE-S President and CEO Ramon M. Ruiz, in a press statement.

“We are pleased with the agreement and regard it as an opportunity to strengthen our privacy policies. We have appreciated OCR’s technical assistance to date and look forward to our collaboration in the future,” he added.

Just 25 percent of healthcare institutions with an official mobile messaging platform use internal, company-authorized tools, a new report shows. The rest make use of consumer apps that don’t offer the security needed to comply with regulations, such as HIPAA.

“We are seeing a rapid adoption of mobile messaging in healthcare as the industry looks to work faster, improve patient care and reduce wasteful spending,” said Anurag Lal, CEO of Infinite Convergence Solutions, the mobile messaging developer that sponsored the study.

“The problem,” he added in a press statement, “is that many healthcare institutions are not aware that the messaging apps and services that are popular for daily personal use do not follow the administrative, physical and technical safeguards that HIPAA requires.”

he study found that only 8 percent of healthcare institutions prohibit consumer messaging apps for employee communication – perhaps unsurprising given employees in the healthcare industry use mobile messaging more frequently than voice calling for colleagues with whom they communicate most frequently.

More than half (51 percent) of respondents say their company doesn’t have an official mobile messaging platform. Of those, 83 percent say their company doesn’t recommend a mobile messaging platform. Of the 17 percent who say their company does recommend one, iMessage and Skype are most commonly cited.

Of that 51 percent, moreover, 92 percent would use a company-wide mobile messaging platform, if the company decided to implement one; 64 percent say it would make communication easier at their job.

Meanwhile, of the 49 percent of respondents who say their employer has an official mobile messaging platform, 24 percent have an internal, company-created app, 16 percent have GChat, 11 percent use WhatsApp.

“We’ve found that 91 percent of healthcare employees use mobile messaging at least a few times per week for business communication,” said Lal, in a statement. But while HIPAA and other government rules require strict security measures, “our study finds that the vast majority of healthcare institutions are not using mobile messaging services that are compliant with these regulations,” said Lal.

“Healthcare employees communicate inherently sensitive information,” he said. “Healthcare institutions need to get serious about meeting their employees’ needs and providing a secure, internal messaging platform that not only allows HIPAA compliance, but also replaces outdated communication systems, like pagers, in order to increase productivity and serve patients faster.”

December 16, 2015 / Posted by / HIPAA settlement – Insurance company pays $3.5M