By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
Health Works CollectiveHealth Works CollectiveHealth Works Collective
  • Health
    • Mental Health
    Health
    Healthcare organizations are operating on slimmer profit margins than ever. One report in August showed that they are even lower than the beginning of the…
    Show More
    Top News
    improving patient experience
    6 Ways to Improve Patient Satisfaction Within Hospitals
    December 1, 2021
    degree for healthcare job
    What Are The Health Benefits Of Having A Degree?
    March 9, 2022
    custom software development is changing healthcare
    Digital Customer Journey Mapping and its Importance for Healthcare
    July 21, 2022
    Latest News
    Beyond Nutrition: Everyday Foods That Support Whole-Body Health
    June 15, 2025
    The Wide-Ranging Benefits of Magnesium Supplements
    June 11, 2025
    The Best Home Remedies for Migraines
    June 5, 2025
    The Hidden Impact Of Stress On Your Body’s Alignment And Balance
    May 22, 2025
  • Policy and Law
    • Global Healthcare
    • Medical Ethics
    Policy and Law
    Get the latest updates about Insurance policies and Laws in the Healthcare industry for different geographical locations.
    Show More
    Top News
    ACO infographic
    A Closer Look at Accountable Care Organizations [INFOGRAPHIC]
    June 5, 2014
    Medical Residents Get Their Own Social Network
    December 19, 2012
    FDA Social Media Guidance: Hangout on Air
    July 29, 2014
    Latest News
    Top HIPAA-Compliant Messaging Apps for Healthcare Teams
    June 25, 2025
    When Healthcare Ends, the Legal Process Begins: What Families Should Know About Probate and Medical Estates
    June 20, 2025
    Preventing Contamination In Healthcare Facilities Starts With Hygiene
    June 15, 2025
    Strengthening Healthcare Systems Through Clinical and Administrative Career Development
    June 13, 2025
  • Medical Innovations
  • News
  • Wellness
  • Tech
Search
© 2023 HealthWorks Collective. All Rights Reserved.
Reading: HIPAA Enforcement: Who’s in Charge?
Share
Notification Show More
Font ResizerAa
Health Works CollectiveHealth Works Collective
Font ResizerAa
Search
Follow US
  • About
  • Contact
  • Privacy
© 2023 HealthWorks Collective. All Rights Reserved.
Health Works Collective > Policy & Law > HIPAA Enforcement: Who’s in Charge?
Policy & Law

HIPAA Enforcement: Who’s in Charge?

David Harlow
Last updated: February 3, 2014 9:00 am
David Harlow
Share
0 Min Read
SHARE
Headscratch flickr cc san_drino

The recent Headscratch flickr cc san_drino

The recent FTC decision in the LabMD case (pdf) (full docket here) has HIPAA-watchers scratching their heads, tugging their beards, and generally wondering about reconciling FTC-style litigation-based regulation with OCR-style rule-based regulation of health care data privacy and security.

Here’s my take: For a covered entity or business associate that has all its ducks in a row – HIPAA Privacy, Security and (for Covered Entities) Breach Notification policies and procedures, a completed risk analysis, training and testing of workforce documented – FTC regulation should not be problematic. I think that the FTC would be hard-pressed to find an entity that is in compliance with HHS HIPAA rules and relevant state law to be in violation of the FTC Act’s prohibition of “unfair … acts or practices.”

The FTC does not have specific rules in place in this area, and is not likely to promulgate rules (it has rules in place for PHR breach notification, under the HITECH Act, but that is outside of HIPAA jurisdiction). The FTC regulates unfair acts or practices by filing complaints and dealing with violations of its basic statute on a case-by-case basis. It is not unreasonable for the FTC to assert that it has overlapping jurisdiction with OCR jurisdiction under HIPAA. Fines under the FTC Act are limited to $16,000 per violation (as opposed to the maximum fine of $1.5 million under HIPAA).

More Read

Top Three Essentials for General Health Care during Pregnancy
ACO Pilot Program Judged a Failure
Tackling the Side Effects of Parkinson’s Treatment
Practicing Medicine Like An Elite Athlete: Competing Against Disease At The Highest Level
Privacy and Security: Joke or No Joke?

The FTC asserting jurisdiction should be of concern for entities subject to HIPAA that are not in compliance with HIPAA – like LabMD in this case.

Ultimately, however, the question arises: What would the FTC do in any particular case that OCR would not already do? If both are actively enforcing HIPAA, then I would conclude: not much.

The same question arose when state attorneys general were given permission under HITECH to enforce HIPAA violations.  State AGs and the OCR often came up with parallel enforcement plans, so the value of the added enforcement agency appears to be limited. Of course, this may change over time if OCR enforcement scales back, the office is defunded, etc. In such a scenario, the federales may conclude that double-teaming the bad guys wasn’t such a bad idea after all.

Bottom line: Comply with the rules, rather than worrying about who has the authority to nail you when you don’t.

Photo: flickr cc san_drino

TAGGED:HIPAApatient datapatient privacy
Share This Article
Facebook Copy Link Print
Share

Stay Connected

1.5kFollowersLike
4.5kFollowersFollow
2.8kFollowersPin
136kSubscribersSubscribe

Latest News

women dental care
What Is a Smile Makeover and How Much Does It Cost?
Dental health
June 30, 2025
HIPAA-Compliant Messaging Apps
Top HIPAA-Compliant Messaging Apps for Healthcare Teams
Global Healthcare Policy & Law Technology
June 25, 2025
recovering from injury
Rebuilding After Injury: Path to Physical and Emotional Recovery
News
June 22, 2025
scientist using microscope
When Healthcare Ends, the Legal Process Begins: What Families Should Know About Probate and Medical Estates
Global Healthcare
June 18, 2025

You Might also Like

medical monopoly image
BusinessFinanceHospital AdministrationNewsPublic Health

More Medical Monopoly-Yes, Medical Bills Are Killing Us!

February 21, 2013
eHealthMedical RecordsTechnology

How Healthcare Data Analytics Can Influence Patient Care

December 21, 2017
Coke Joins Obesity
Public Health

Coke and Obesity- a Weight Loss Surgeon’s Perspective

January 17, 2013

Integrated Health System Adoption: How to Start a Movement

May 15, 2013
Subscribe
Subscribe to our newsletter to get our newest articles instantly!
Follow US
© 2008-2025 HealthWorks Collective. All Rights Reserved.
  • About
  • Contact
  • Privacy
Welcome Back!

Sign in to your account

Username or Email Address
Password

Lost your password?