Birmingham Medical News: Are You Ready for the Upcoming HIPAA Compliance Audits?

Articles / Publications

Earlier this year, the U.S. Department of Health and Human Services Office of Civil Rights ("OCR") announced its plan for a number of audits regarding compliance with the Health Insurance Portability and Accountability Act of 1996 ("HIPAA"). As a refresher, on January 17, 2013, the U.S. Department of Health and Human Services ("HHS") issued the Omnibus Final Rule (the "Rule") concerning the implementation of changes to privacy and security provisions of HIPAA pursuant to the Health Information Technology for Economic and Clinical Health ("HITECH") Act. The Rule strengthened the protection of patient health information ("PHI") under HIPAA. In accordance with the Rule, healthcare providers are required to have appropriate safeguards and measures in place to ensure patients' PHI is protected.

In September of this year, OCR Senior Advisor Linda Sanches discussed the upcoming audits. Ms. Sanches did not provide a specific timeline for when the audits will begin but did discuss certain areas providers should evaluate in preparing for the audits. Two areas that the OCR will likely focus on while conducting the audits are security risk assessments and breach notifications. With regard to breaches, Ms. Sanches indicated that OCR will look for a pattern of similar types of breaches which could indicate that the provider is not doing anything about the breaches or does not have proper procedures in place to prevent them. With regard to risk assessments, Ms. Sanchez indicated that one of the most important things a provider can do is conduct a periodic risk analysis. She explained that without one, a provider has no idea where they stand. It is crucial for providers to already have a risk assessment in place rather than waiting to develop one right before an audit.

To read more about this topic, please see full article below Download PDF

Jump to Page
Arrow icon Top

Contact Us

We use cookies to improve your website experience, provide additional security, and remember you when you return to the website. This website does not respond to "Do Not Track" signals. By clicking "Accept," you agree to our use of cookies. To learn more about how we use cookies, please see our Privacy Policy.

Necessary Cookies

Necessary cookies enable core functionality such as security, network management, and accessibility. These cookies may only be disabled by changing your browser settings, but this may affect how the website functions.

Analytical Cookies

Analytical cookies help us improve our website by collecting and reporting information on its usage. We access and process information from these cookies at an aggregate level.