Enforcement of the HIPAA EDI regs is through CMS not OCR. CMS has already posted on their web site an on-line complaint form to use for submitting complaints about possible violations. The complaint form is also available as a .pdf via download.
Rachel Foerster Principal Rachel Foerster & Associates, Ltd. Professionals in Health Care EDI 39432 North Avenue Beach Park, IL 60099 Voice: 847-872-8070 Fax: 847-872-6860 eMail: [EMAIL PROTECTED] http://www.rfa-edi.com -----Original Message----- From: Christiansen, John (SEA) [mailto:[EMAIL PROTECTED]] Sent: Thursday, January 30, 2003 10:53 AM To: WEDI SNIP Privacy Workgroup List Subject: RE: HIPAA EDI This would be covered by the general HIPAA civil penalties provision, $100/violation to $25K annual max per "type of violation," on a no-fault basis, presumably enforced via the OCR in a non-adversarial "we're here to help" fashion. However, I was recently persuaded that it would also be possible to bring criminal charges for knowing disclosure of PHI in a regulated transaction without using the required codes and/or format. I would hope that would not be a case any prosecutor would want to bring but I think it is logically possible and therefore a matter of prosecutorial discretion. As my sainted Irish mother used to say, oy vay. John R. Christiansen Preston | Gates | Ellis LLP PLEASE NOTE OUR NEW ADDRESS AND PHONE NUMBERS EFFECTIVE TUESDAY, JANUARY 21: 925 Fourth Avenue, Suite 2900 Seattle, Washington 98104 *Direct: 206.370.8118 *Cell: 206.683.9125 * [EMAIL PROTECTED] Notice: Internet e-mail is inherently insecure. Unencrypted e-mail may be accessible to unauthorized viewers, content may be modified or corrupted, and headers or signatures may incorrectly identify the sender. If you wish to confirm this message or the identity of the sender, please contact me using a communications channel other than a "reply" to this e-mail. Secure electronic messaging is available and recommended for confidential or sensitive communications. -----Original Message----- From: Sherry Lynn Burke [mailto:[EMAIL PROTECTED]] Sent: Thursday, January 30, 2003 4:58 AM To: WEDI SNIP Privacy Workgroup List Subject: RE: HIPAA EDI I am trying to locate penalties for failure to comply with the EDI standards but am not having any luck. Advice? --- The WEDI SNIP listserv to which you are subscribed is not moderated. The discussions on this listserv therefore represent the views of the individual participants, and do not necessarily represent the views of the WEDI Board of Directors nor WEDI SNIP. If you wish to receive an official opinion, post your question to the WEDI SNIP Issues Database at http://snip.wedi.org/tracking/. These listservs should not be used for commercial marketing purposes or discussion of specific vendor products and services. They also are not intended to be used as a forum for personal disagreements or unprofessional communication at any time. You are currently subscribed to wedi-privacy as: archive@mail-archive.com To unsubscribe from this list, go to the Subscribe/Unsubscribe form at http://subscribe.wedi.org or send a blank email to [EMAIL PROTECTED] If you need to unsubscribe but your current email address is not the same as the address subscribed to the list, please use the Subscribe/Unsubscribe form at http://subscribe.wedi.org