HIPAA Changes for 2019

Are you prepared for the new year?

Each new year brings a new focus for everyone, and HIPAA is no exception. Noting that “less than 20% of all practices and business associates have implemented the safeguards required under HIPAA”, Jeff Broudy, CEO of PCIHIPAA, stresses the changes that will be available in 2019 to correct this.

Below are the top three HIPAA changes for 2019:

1. Free Risk Assessments

Broudy stresses that the lack of understanding of what is required is correlated with fewer than 20% of organizations implementing all safeguards. To combat this, PCIHIPAA is providing free risk assessments to help organizations prepare for an audit and set themselves up for success.

2. Increased Penalties

Continuing the increased enforcement of the past three years by the Department of Health and Human Services Office for Civil Rights (OCR), Director Roger Severino mentioned that enforcement and fines will be even greater in 2019. With the growing number of large data breaches, such as Anthem's, which resulted in a $16 million settlement, penalties are no longer avoidable. Fines can range from $100 to $50,000 per violation, not exceeding $1.5 million per year.

3. Clearer Definitions

Because it remains unclear when and to what degree an individual is affected by a data breach, there will be an increased focus on clarifying this definition. Once solidified, this will absolutely be a game changer, as there will be a set standard across the board and fines set accordingly.

In addition to the three changes above, the focus on minimizing the number of patient care interruptions will also be reviewed. With the 42 CFR Part 2 in March 2019, the coordination of treatment, payment, and operations will be reevaluated to ensure the fewest interruptions.


As a proud partner of several medical organizations, Lincoln Archives aims to be a resource in information protection. As a local Buffalo company, we especially aim to assist our fellow local organizations. For questions and training on HIPAA regulations, such as handling bloodborne pathogens, contact us today.

Lincoln Archives is the only family-owned NAID AAA Certified organization in WNY and includes the LACyber division, which provides comprehensive Data Breach Defense Services. Lincoln Archives is proud to be part of the Lincoln Family of Companies, serving the Western New York community since 1914.

by Kathryn Turner