Good Morning Federal Law Violators!

For the last 6 weeks we have been blogging about today, trying to get you all to pay attention and get ready, and our countdown clock has now finished.

Welcome to HIPAA HITECH Judgment Day! You have had a year to get ready and be compliant, and something tells me 99% of you are not. God Bless America! What a wonderful country we live in.

Ah, the wonderful smell of “willful neglect” in the air. Like chum in the water for regulatory sharks and ambitious Attorneys General and the penalties that they can levy and keep for financing enforcement activities! The FBI might even be called in, like in Vegas!

In fact there is even a chance for whistleblowers to profit from your neglect. How are those ex-employees of yours? Just how loyal are the current folks?

Wouldn’t getting your firm in the local media and blogosphere for privacy and security breaches be fun?

I wish I were a broker today; I would be smiling and dialing all the major accounts in town, asking them if their broker was complying with federal law and, if not, getting a meeting to talk about our firm’s compliance and how that shows our respect for our clients. BORs, here we come!

Even attorneys have been fearful of HITECH or trying to educate us all on what we are facing.

Oh, and guess what? Whether you are a solo agent or a top regional or national firm, a CIAB, M Financial, Assurex, BAN, UBA, NFP or other member, the laws apply equally to everyone. CEBS, CLU, FLMI, AON and Al Smith are equal today – Ah, democracy at work protecting the personal, financial, identity and health information of employees and their dependents.

And your E&O insurance will not cover you on these issues and any penalties!

Compliance is not an elective or some gut college course. It is the law, and someone will get the lucky chance to be the Eddie Slovik of HIPAA HITECH. Let’s hope it’s not you.

Of course your insurance carriers have tried to cover their butts (see this post for more on that) and have either amended their agreements with you or you have signed off on them saying you are compliant, so as of today you have essentially perjured yourself and left your firm open to the insurers throwing you overboard if a breach occurs.

Let’s go down a list of questions that you need to act on today and every day from now on, as you are now directly accountable.

  • Who is your “Chief Security Officer”?
  • Are your privacy and security plans, policies and procedures in place?
  • Are they in writing?
  • Is your staff trained?
  • Do you have all your business associate agreements in place with your clients and vendors?
  • How many Federal Law Violations has your firm had already?
  • In other words how many exchanges of “unsecured PHI” have already taken place in your organization?
  • How many have come in from clients?
  • How many have gone out from your staff?
  • Do you even know?
  • Have they been recorded on your security log?
  • Has a “risk assessment” been done on each one to determine whether the PHI was compromised and the incident is a “breach”?
  • Do you even know how to do a risk assessment of your email to see if it is compromised or eavesdropped on?
  • Have you told your clients about each one of these incidents in writing?

That old “willful neglect” song is getting louder by the minute.

Sounds like you aren’t ready for a HIPAA audit either. That already cost one of your peers a million dollar account.

| Violation | Penalty per Violation | Maximum per Year |
|---|---|---|
| Tier A – Did not Know | $100 | $25,000 |
| Tier B – Reasonable cause, not willful neglect | $1,000 | $100,000 |
| Tier C – “Willful Neglect”, corrected | $10,000 | $250,000 |
| Tier D – “Willful Neglect”, uncorrected | $50,000 | $1,500,000 |

The fines above accrue daily in some cases...

CVS got a $2.5 million fine and 20 years of supervision from HHS!

Clearly you still must get compliant or, in many cases, fully compliant.

Your biggest threat is unsecured PHI and email. Encrypting your email is a “safe harbor” under the law.

We can help.

We are working with firms all over the country as we speak to get compliant and get encryption in place.
