[ Thursday, August 25, 2011 ]
OCR's Standard Response
: In the event of a breach that involves noncompliance and some serious impact, you might still get a "resolution agreement" from OCR rather than a fine/penalty (assuming you cooperate, of course). However, according to Theresa Defino at AIS,
you should still expect to be requried to re-write your policies, retrain your employees, institute some serious monitoring, and pay out some cash.
Jeff [9:03 AM]
Blogger: HIPAA Blog - Edit your Template