News & Analysis as of

Blog: OCR Rep Discusses HIPAA Violations, Enforcement Actions, and Upcoming Audit Program

Last week, the National Institute of Standards and Technology (“NIST”), in conjunction with the U.S. Department of Health and Human Services’ Office for Civil Rights (“OCR”), hosted a conference entitled “Safeguarding Health...more

HIPAA Omnibus Rule: Deadline Approaching to Update Grandfathered Business Associate Agreements

Although the HIPAA Omnibus Rule (the “Rule”) went into effect nearly 18 months ago, the transition period for bringing business associate agreements into compliance with the Rule’s new requirements will end on September 23,...more

September 22, 2014 – HIPAA Compliance Deadline for Business Associate Agreements Is Just Around the Corner

All business associate agreements (“BAAs”) must be updated and compliant with current Health Insurance Accountability and Portability Act (“HIPAA”) regulations by September 22, 2014. Failure to meet this deadline could result...more

OCR Reveals Information about Upcoming HIPAA Audits

At the Healthcare Information and Management Systems Society (“HIMSS”) Privacy and Security Forum this week, health information privacy senior advisor for the Office for Civil Rights (“OCR”) Linda Sanches revealed certain...more

OCR to Begin Phase 2 of HIPAA Audit Program

The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) will soon begin a second phase of audits (Phase 2 Audits) of compliance with Health Insurance Portability and Accountability Act of 1996 (HIPAA)...more

Are your HIPAA ducks in a row? The next round of OCR HIPAA audits is approaching

In 2011 the Department of Health and Human Services’ Office for Civil Rights (OCR) established the HIPAA Pilot Audit Program to ensure compliance with HIPAA’s privacy, security and breach notification rules. The first...more

Health Law Alert: HIPAA Enforcement on the Rise, as OCR Audit Program Moves Forward

A recent settlement from New York—involving the largest fine levied to date in the history of HIPAA enforcement, a staggering $4.8 million imposed on two public hospitals—should remind health care providers, health plans and...more

Policyholders Face Heightened Scrutiny Under OCR’s New Permanent Audit Program

The U.S. Department of Health and Human Services’ Office for Civil Rights (“OCR”) has notably increased enforcement of compliance with the Health Insurance Portability and Accountability Act (“HIPAA”) and Health Information...more

Coming Fall 2014: HHS Launches Permanent Audit Program

Beginning in the Fall of 2014, a substantial number of covered entities and business associates will receive a notification and data request from the Health and Human Services' (HHS) Office for Civil Rights (OCR). According...more

OCR Announces the Results from it's Pilot Audit and it's Plans For Next Year

The Office of Civil Rights Audit Pilot Program has come to an end with 115 audits, primarily in person, having been completed. The Pilot Program had multiple revelations in privacy, some of which were probably, not so...more

HIPAA Impaired Providers and the ER - What Happens When Your Employee Becomes Your Patient?

I was speaking this week at IAHIMA’s Annual Conference on the issues relating to HIPAA audits and recent updates from OCR and ONC. As part of my program we typically solicit questions prior to the presentation, most of which...more

OCR Releases Information on What Phase 2 HIPAA Audits Will Look Like

The HHS Office for Civil Rights (OCR) recently presented information about the new look of its Phase 2 audit program. The new audits will look little like the old ones, with OCR conducting the audits itself and focusing on...more

No More Excuses: HHS Issues New HIPAA Tool for Small Businesses

Three U.S. Department of Health and Human Services (“HHS”) agencies, the Office for the National Coordinator for Health IT (“ONC”), in conjunction with the Office for Civil Rights (“OCR”) and the Office of the General Counsel...more

ONC’s Security Risk Assessment Tool Is Useful but Could Be Improved

The Office of the National Coordinator for Health Information Technology (ONC) released a Security Risk Assessment Tool (SRA Tool) on March 28. According to the User Guide for the SRA Tool, the Tool is designed to help small...more

New Round of HIPAA Audits To Begin Later This Year

The Department of Health and Human Services’ Office for Civil Rights (OCR) recently announced it will resume its HIPAA compliance audit program — launched as a pilot program in 2012 — on a permanent basis in 2014. In...more

OCR to Resume HIPAA Audits. Get Ready Now!

In a Feb. 24 notice in the Federal Register, the HHS's Office for Civil Rights (OCR) announced its intention to resume its HIPAA Audit Program. By and large, the audit program has been inactive since December 2012, when OCR...more

OCR Preparing For Next Round of HIPAA Audits

In a February 24, 2014 notice published in the Federal Register, the Department of Health and Human Services announced a pre-audit survey of HIPAA covered entities and business associates. The information collected will...more

HIPAA Audits Set to Begin in 2014: Another Enforcement Mechanism for HIPAA Compliance

The Department of Health and Human Services (HHS) is expected to launch its long-awaited HIPAA audit program sometime in 2014. The audit program will be run by HHS’ Office of Civil Rights (OCR), which is likely eager to get...more

Be Prepared – HIPAA Audits are Coming in 2014

Later this year, the Department of Health and Human Services (“DHHS”) is expected to launch its permanent HIPAA Audit Program. The HIPAA Audit Program is authorized under Section 13411 of the HITECH Act, and is designed to...more

Preparing a Hospital or Health System for Sale or Partnership Transactions – Part Two

The consolidation trend in hospital and health systems continues. To address perceived inefficiencies and quality of care issues, hospitals are attempting to form larger enterprises to create scale, expand geographically,...more

Tips to Prepare for a CMS Electronic Health Record Meaningful Use Audit

In an effort to improve patient care, the Centers for Medicare and Medicaid Services (“CMS”) established electronic health record (“EHR”) Incentive Programs, which provide financial incentives for the “meaningful use” of...more

Highlights of the Joint NIST and OCR Safeguarding Health Information Conference

Earlier this week we attended the National Institute of Standards and Technology (NIST) and HHS Office for Civil Rights (OCR) 6th Annual Safeguarding Health Information Conference in Washington, D.C. (the NIST-OCR...more

OCR Wants Feedback From Audited Covered Entities

The Office for Civil Rights (OCR) is preparing to conduct an online survey of the 115 covered entities it audited in 2012 as part of the HITECH-mandated, pilot audit program. OCR hopes to use the survey results to evaluate...more

Audits, Audits And More Audits: Life In The Healthcare Industry

Healthcare suppliers and service providers live in a regulated world. They are constantly under audit scrutiny. Sometimes federal agencies (i.e private contractors) conduct the audits; other times state agencies conduct the...more

Utilizing the HIPAA audit protocols as a compliance tool By Kimberly J. Gold

Originally published in Compliance Today on December 1, 2012. ..Covered entities are now subject to privacy and security audits by OCR. ..OCR published audit protocols regarding its standards for such...more

29 Results
|
View per page
Page: of 2