VA Reference



HEALTHCARE


Health and Human Services

The following knowledgebase templates have been prepared for use in VISUAL Assurance as a starting point to assist you in performing Gap Analyses and Due Diligence Reviews against the regulatory and guidance material published by the HHS.

  • Click on the file size indicator to download the file.

Remember, Kilclare knowledgebase templates are only available for use within VISUAL Assurance. Please contact Kilclare Software's Client Services office for information on how to obtain a copy of VISUAL Assurance for your organization.

HIPAA

On February 13, 2003, HHS announced the adoption of the HIPAA Security Final Rule. The final standards were published in the February 20 Federal Register with an effective date of April 21, 2003.

Under the HIPAA statute, violations of the Final Security Rule can result in penalties of up to $100 per person per violation, up to a maximum of $25,000 for violations of a single standard during a calendar year. HIPAA statutory provisions also provide for criminal penalties for the knowing misuse of health identifiers or for obtaining or misusing PHI: (a) up to $50,000 and one year in prison for knowing violations; (b) up to $100,000 and up to five years in prison if the offense is committed under false pretenses; and (c) up to $250,000 and 10 years in prison if the offense is committed with intent to sell, transfer, or use individually identifiable health information for commercial advantage, personal gain, or malicious harm.

Other risks include the threat of civil litigation, negative effects on accreditation status, damaged reputation and loss of contracts that require HIPAA compliance.

 
Library: Department of Health & Human Services (DHHS)

Template                                                         FR*  Size
HIPAA Privacy Standards - §164.530 Administrative Requirements   2
 

 

 
Library: HIPAA Security Standards - Final Rule (45 CFR Parts 160/2/4)

Template                                                              FR*  Size
HIPAA Security 0: General Rules (§164.306)                            2
HIPAA Security 1: Administrative Safeguards (§164.308)                2
HIPAA Security 2: Physical Safeguards (§164.310)                      2
HIPAA Security 3: Technical Safeguards (§164.312)                     2
HIPAA Security 4: Organizational Requirements (§164.314)              2
HIPAA Security 5: Policies, Procedures and Documentation (§164.316)   2
 

 

OIG, HHS Corporate Compliance Programs

The foundation of this voluntary guidance mirrors the compliance elements set forth in the Federal Sentencing Guidelines. The seven elements articulated in these guidelines include: implementation of written policies, procedures and standards of conduct; designation of a high-level compliance officer and other appropriate officials; development of training and education programs; creation of hotlines or other measures for receiving complaints and procedures for protecting callers from retaliation; enforcement of standards through well-publicized disciplinary directives; performance of internal audits; and prompt response to detected offenses through corrective action.

 
Library: Office of Inspector General (OIG), HHS

Template                               FR*  Size
OIG Compliance Program for Hospitals   5
 

(*) Formatting Revision
