Your E and O Won’t Cover HIPAA HITECH Fines

Resources to help you – HITECH Survival Center

I had a long conversation yesterday with a friend on the P&C side of the business and she has been researching whether a broker’s E&O policy could cover fines and penalties under HIPAA HITECH.

From all her research with E&O carriers there is no coverage. Since an E&O insurer cannot gauge the risk nor police the degree to which a broker is compliant with the privacy and security rules they will not insure it.

So put another way your firm is naked from a risk management perspective in terms of its insurance cover.

HIPAA HITECH is not some toothless DOL or ERISA law nor the HIPAA of 2003. WHY?

  • HHS is going to use fines to  fund enforcement,
  • The state Attorneys General keep a portion of any fines they levy
  • There is a “tip line” setup and any whistleblower get to keep a portion of any fines they help create

What is your risk? Lets start with the reputational risk alone

  • A new “Tattle” rule requires BA’s to report their CE’s (clients and carriers) breaches
  • Local media notification is mandatory if a breach involves 500 or more lives
  • allow the state Attorneys General to take legal action on privacy/security violations. CT took the first action against Health Net last week.
  • Establish new criminal and civil penalties for noncompliance that apply to BA’s as well


Penalty/Violation Maximum per Year
Tier A – Did not Know 100 25,000
Tier B – Reasonable cause, not willful neglect $1,000 100,000
Tier C – “Willful Neglect”, corrected $10,000 $250,000
Tier D – “Willful Neglect”, uncorrected $50,000 $1,500,000

So your organization’s only defense against HIPAA HITECH penalties and reputational risk is to get compliant, stay compliant and be sure to encrypt your email when transmitting PHI.

Explore posts in the same categories: brokers, Business, Employee Benefits, Healthcare, Healthcare Insurers

Tags: , , , ,

You can comment below, or link to this permanent URL from your own site.

One Comment on “Your E and O Won’t Cover HIPAA HITECH Fines”

  1. […] Industry Radar Insights Knowledge is Power. More Knowledge is the Ultimate Power. « Your E and O Won’t Cover HIPAA HITECH Fines […]

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: