Lawyer: Ignore HIPAA at your own risk

Employers who do not comply with healthcare privacy issues may face increased government scrutiny and fines. The Health Insurance Portability and Accountability Act (HIPAA) requires covered entities to maintain the privacy of personal health information (PHI). The Department of Health and Human Services (HHS) has recently imposed fines of over $1 million against companies in violation of HIPAA, highlighting the need for businesses to ensure they are in compliance. It is recommended that employers designate a HIPAA compliance officer, create privacy and security policies, and conduct annual reviews to prevent potential audits and penalties.