Consultants to the Healthcare Industry
Call Us: (909) 931-7600

HIPAA Compliance in Healthcare

HIPAA Compliance in healthcare has assumed greater importance since the passage of the HITECH Act of 2009, and the regulations implementing the HIPAA provisions of the Act.  Consequently, healthcare entities need to get serious about integrating these regulations into their operations.


Expansion of HIPAA regulations

The original HIPAA regulations were issued in 2000 and laid the foundation for a national set of requirements to safeguard the:

  • Confidentiality
  • Integrity and
  • Availability of individually identifiable health information.

Over the years, these HIPAA regulations have been modified and expanded, most recently to cover ePHI (protected health information maintained and transmitted electronically), and to specify requirements for notifying patients in the event of an unauthorized disclosure or breach of security.

Healthcare organizations and medical practices concerned with HIPAA Compliance now face a lengthy list of requirements.  Just a few of these include:

  • Informing patients about privacy practices
  • Securing patient medical records – both paper and electronic
  • Conducting a risk assessment of the confidentiality, integrity and availability of ePHI held by the organization
  • Updating Business Associate Agreements with vendors and others to whom PHI is disclosed
  • Developing policies for breaches and notification to patients and the media

HIPAA Compliance … and Penalties for violations

HIPAA covered entities may be subject to steep penalties for violating these regulations. General penalties range from …

  • A minimum of $10,000 for each violation
  • A maximum of $25,000 for each violation
  • Wrongful disclosure of ePHI can include a maximum fine of $50,000 and imprisonment of no more than one year.

HIPAA Compliance Consultants

Members of The Fox Group have provided services as healthcare compliance consultants since before the first HIPAA regulations were issued over a decade ago. The Fox Group is uniquely qualified to assist medical practices and other healthcare organizations in their quest to meet these very specific regulations and to achieve HIPAA compliance.

A sampling of our services includes:

  • Completing a HIPAA risk assessment covering both the privacy rule and security rule.
  • Developing and implementing HIPAA compliance program policies and procedures.
  • Providing staff training on their role in HIPAA and adherence to HIPAA law and related employer policies and procedures.

Excellence since 1989

The Fox Group was founded in 1989 and has provided outstanding healthcare consulting and executive management services to domestic and international clients throughout the United States and Europe.

