OCR to Begin HIPAA Privacy and Security Audits

The Office for Civil Rights (OCR) this month is commencing its first round of audits focusing on covered entities' HIPAA security and privacy rule compliance. A pilot audit program running through April 2012 will check compliance at 20 firms to form the basis for auditing procedures in the future.

Eventually, 150 covered entities will be subjected to audits.

“Audits present a new opportunity to examine mechanisms for compliance, identify best practices and discover risks and vulnerabilities that may not have come to light through OCR’s ongoing compliant investigations and compliance reviews,” stated OCR’s Web site dedicated to the program.

Firms to be audited will be given 30- to 90-days' advance notice, and these firms are then given 10 business days to supply any requested information and materials.

HIPAA refers to the Health Insurance Portability and Accountability Act of 1996. The enforcing agency for the law's subsequent privacy and security regulations is the OCR, which is a wing of the Department of Health and Human Services (HHS). Covered entities are generally health care providers, health insurers, and health administrative services that deal with health records.

Employers, if you offer health insurance, it's strongly advised to get a copy of Personnel Concepts' All-On-One HIPAA Information Poster to keep your employees informed about their rights and obligations regarding HIPAA and its security and privacy rules.

NOTE: The details in this blog are provided for informational purposes only. All answers are general in nature and do not constitute legal advice. If legal advice or other expert assistance is required, the services of a competent professional should be sought. The author specifically disclaims any and all liability arising directly or indirectly from the reliance on or use of this blog.
You can follow any responses to this entry through the RSS 2.0 feed. You can skip to the end and leave a response. Pinging is currently not allowed.

Leave a Reply

Your email address will not be published. Required fields are marked *

* Copy This Password *

* Type Or Paste Password Here *

Leave a Reply

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

Comments (required)*