Tuesday, June 28, 2011

Texas Law Hikes Penalties for Violation of Health Care Privacy

$1.5 million penalty for repeat offenders

The governor of Texas signed a new law that increases privacy violation penalties to a maximum of $250,000 if the disclosure is for financial gain. There are also lower penalties of $25,000 per knowing or intentional violation, and $5,000 per negligent violation. (The previous maximum was $2,500 per violation.)

Moreover, the courts may assess a civil penalty up to $1.5 million if they find the "violations have occurred with a frequency as to constitute a pattern or practice".

"There's no data more sensitive than your healthcare data. We have lots of laws to protect financial data; I wanted to strengthen our laws protecting healthcare data."
- Lois Kolkhorst (Republican), bill sponsor in Texas House of Representatives

For entities licensed by the state, additional penalties can include probation, suspension, or revocation of a professional license.

By adopting HIPAA privacy standards, the new state law requires that protected health information (PHI) not be disclosed without the patient’s authorization, except for purposes of treatment, payment, health care operations, insurance purposes, and as otherwise authorized by state or federal law.

Sources:
(a) H.B. No. 300 - An act relating to the privacy of protected health information; providing administrative, civil, and criminal penalties. - Texas State Government, June 2011
(b) New Texas Health Care Privacy Law - Baker Hostetler legal practice data privacy blog, June 2011
(c) Texas Enacts Health Privacy Law - Healthcare InfoSecurity, June 2011


Copyright © 2010-2017 by Veriphyr Incorporated, All Rights Reserved.