Written by: Robert Liles
THE NEW TEXAS HIPAA LAW
They say that everything is bigger in Texas, and its law concerning medical privacy is no exception. The Texas Legislature recently enacted the Texas Medical Privacy Act (TMPA)1, also known as the Texas HIPAA law. The new law substantially increases the compliance burden on medical and service providers, suppliers, business associates, third party payers and just about everyone who handles, transmits or stores Protected Health Information (PHI) or Electronic Protected Health Information (EPHI) in any way. Enforcing the new law is the task of the Texas Health and Human Services Commission (HHSC). The penalties are substantial. The range of civil fines and penalties reflect similar provisions of the federal Health Insurance Portability and Accountability Act of 1996 (HIPAA). Texas Civil Monetary Penalties (CMPs) include:
$5,000 for each negligent violation that occurs within 1 year.
$25,000 for each knowing or intentional violation that occurs within 1 year.
$250,000 for each knowing or intentional violation by a covered entity where PHI was used for financial gain.
Up to $1,500,000 if the frequency of violations establishes a pattern or practice.
WHO IS A “COVERED ENTITY” UNDER THE NEW TEXAS MEDICAL PRIVACY ACT?
From a practical point of view, nearly everyone who touches PHI/EPHI is now included. Under Sec. 181.001(b)(2) of the Texas Health & Safety Code, a “Covered Entity” means any person who…
Click here for the full article.
Originally published at http://www.lilesparker.com/2012/09/11/texas-medical-privacy-act/