Enforcing standards for privacy and security is a major part of a new health information exchange accreditation program, says Lee Barrett, executive director of the Electronic Healthcare Network Accreditation Commission.
In the second major HIPAA enforcement action announced by federal authorities this week, Massachusetts General Hospital and its physicians organization have entered into a resolution agreement that calls for paying a $1 million settlement and taking corrective action to avoid future violations.
The owner of four clinics in Maryland has been fined $4.3 million for HIPAA privacy rule violations that involved failing to provide 41 patients with access to their medical records and then failing to cooperate with federal investigators.
The federal list of major health information breaches included 240 incidents affecting 6.5 million individuals as of Thursday. But that number soon could grow substantially as a result of incidents that made headlines this week.