Don’t Gamble with Your Practice!
H.R. 7898 Signed into Law on Jan. 5, 2021
This law could greatly affect your Practice if You were Breached!
This new safe harbor requires that when calculating fines, evaluating audits or reviewing proposed mitigation steps, the Department of Health & Human Services (HHS) consider whether the covered entity or business associate adequately demonstrated that it had in place “recognized security practices” for at least 12 months prior that would:
- Mitigate HIPAA fines.
- Result in the early, favorable termination of a HIPAA audit.
- Mitigate the remedies in a HIPAA resolution agreement with HHS.
In this law, the term “recognized security practices” refers to “the standards, guidelines, best practices, methodologies, procedures, and processes developed under … the NIST Act, the approaches promulgated under … the Cybersecurity Act of 2015, and other programs and processes that address cybersecurity and that are developed, recognized, or promulgated through regulations under other statutory authorities.”
For more information, visit:
https://www.jdsupra.com/legalnews/compliance-and-cybersecurity-best-2702374/
https://www.congress.gov/bill/116th-congress/house-bill/7898
In other words, if you have made every effort to ensure that you have a comprehensive and legitimate HIPAA compliance program, in the event of a security breach, your fines and penalties may be measurably decreased because you had demonstrated “recognized security practices” were in place.
The first step in developing this “recognized security practice” is to complete your annual Security Risk Assessment.
To learn more, please contact:
Mike McWilliams at 720.543.2240 or Mike.McWilliams@RITHealthcare.com
Or Use the Link Below to Book your FREE SRA Consult
We specialize in Orthopedics and will help you detect and remediate areas of concern or non-compliance.
Again, this law requires that you adequately demonstrate “recognized security practices” were in place at least 12 months prior... so Don’t Wait!
See What Our Clients Are Saying
“Thanks to Reliable IT, we now have confidence in our Security and HIPAA policies and procedures!”

OrthoGeorgia
“The experience of the SRA and Pen test has been extremely positive. They give you very human feedback on what they see. You can tell that the team is very competent in the areas they are focused on.”

Illinois Bone & Joint Institute
“With Reliable IT, you get their experience of working and implementing tools in multiple environments, so it’s rarely the first time they’re doing something when they’re installing it in your environment.”

Panorama Orthopedics & Spine Center