Utilizing the HIPAA audit protocols as a compliance tool By Kimberly J. Gold

Originally published in Compliance Today on December 1, 2012.

..Covered entities are now subject to privacy and security audits by OCR.

..OCR published audit protocols regarding its standards for such audits.

..The audit protocols cover the HIPAA Privacy Rule, Security Rule, and Breach Notification requirements.

..Policies and procedures and documentation are of utmost importance to auditors.

..The audit protocols should be used as a compliance tool.

In order to ensure that covered entities comply with the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy and Security Rules and Breach Notification requirements, and as mandated by the Health Information Technology for Economic and Clinical Health Act (HITECH), the Department of Health and Human Services (HHS) Office of Civil Rights (OCR) has begun performing privacy and security audits of covered entities. OCR initiated a pilot audit program to perform 115 audits of covered entities between November 2011 and December 2012, and this pilot program has helped OCR refine the HIPAA requirements that it will assess during its audits. In June 2012, OCR published audit protocols that provide more clarity on auditors’ standards for performing HIPAA compliance audits of covered entities and business associates.

Please see full article below for more information.

LOADING PDF: If there are any problems, click here to download the file.

Topics:  Audits, Compliance, Healthcare, Healthcare Professionals, HHS, HIPAA, OCR

Published In: Administrative Agency Updates, Health Updates, Privacy Updates, Science, Computers & Technology Updates

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Mintz Levin - Health Law & Policy Matters | Attorney Advertising

Don't miss a thing! Build a custom news brief:

Read fresh new writing on compliance, cybersecurity, Dodd-Frank, whistleblowers, social media, hiring & firing, patent reform, the NLRB, Obamacare, the SEC…

…or whatever matters the most to you. Follow authors, firms, and topics on JD Supra.

Create your news brief now - it's free and easy »