The penalty is the first civil monetary penalty issued by the HHS for a covered entity’s violations of the HIPAA privacy rule. In Oct. 2010, HHS’ Office for Civil Rights determined that Cignet had violated the rights of 41 patients by denying them access to their medical records when requested. The denials of records made up $1.3 million of the $4.3 million penalty.
OCR also found Cignet had failed to cooperate in the agency’s investigation, refusing to produce records in response to an OCR subpoena. This violation totaled $3 million of the total penalty.
“It seems like an incredibly high penalty,” says Scott Becker, JD, CPA, a partner at McGuireWoods. “We would infer that the OCR found the conduct to be unusually egregious,” says Mr. Becker.
Read the HHS release on Cignet Health.
Read more about HIPAA:
– Protecting Patient Data to Protect Your Hospital: A Guide
– 3 Changes to HIPAA in the Interim Rule and Best Practices for Maintaining Compliance
At the Becker's 23rd Annual Spine, Orthopedic and Pain Management-Driven ASC + The Future of Spine Conference, taking place June 11-13 in Chicago, spine surgeons, orthopedic leaders and ASC executives will come together to explore minimally invasive techniques, ASC growth strategies and innovations shaping the future of outpatient spine care. Apply for complimentary registration now.
