Audits for Compliance with HIPAA Privacy and Security Requirements Are on the Way - Are You Ready?

more+
less-

With the government gearing up for its HIPAA compliance audits, it’s a good time for covered entities and their business associates to do a HIPAA compliance checkup. The Health Information Technology for Economic and Clinical Health Act of 2009 (“HITECH Act”) mandated the government to develop a plan to audit covered entities and their business associates for HIPAA compliance. The Office of Civil Rights, the governmental agency charged with HIPAA enforcement, is in its final stages of implementing this audit program and has hired KPMG to perform the audits. These audits are expected to commence in the next few months and KPMG is to complete audits of 150 organizations by December 31, 2012. The audits are initially expected to focus on covered entities. Each audit will include a site visit expected to span 2 to 5 days, depending on the complexity of the organization, which will consist of interviews with leadership and key personnel (e.g., Privacy Officer, CIO, medical records department director), an inspection of operations with respect to privacy and security, and an assessment of compliance with HIPAA privacy and security regulations and the organization’s HIPAA policies. At the conclusion of the audit, the audited organization will receive a final report describing the audit findings, with an emphasis on deficiencies and noncompliance and will be provided an opportunity to implement corrective actions. It is important to note that the government may initiate enforcement actions based on the audit findings; however, corrective actions may reduce or eliminate potential civil monetary penalties.

With these HIPAA compliance audits on the horizon and the OCR’s heightened efforts toward HIPAA enforcement, it is important that covered entities and business associates take proactive steps towards compliance. To prepare for these audits, we recommend taking the following steps to better position yourselves to demonstrate your HIPAA compliance to the government...

Please see full article below for more information.

LOADING PDF: If there are any problems, click here to download the file.