“We’re being audited!” Those words strike fear and uncertainty in most of us – especially if you are in healthcare. But what actually happens in a HIPAA audit? Will a government official show up unannounced with a briefcase and ask for you to produce every bit of your business’s HIPAA documentation while sequestering your team...
Hello, HIPAA The Health Insurance Portability and Accountability Act, better know as HIPAA, was passed by Congress in 1996 and called for the protection and confidential handling of protected health information (PHI). HIPAA still exists today, aiming to protect patients and their information, but it’s important to think about how far we’ve come in the...
This article was written by Matt Fisher and originally appeared on the Mirick O’Connell Health Law Blog. It is published here with permission. At some point in time most group practices, hospitals or other provider organizations will receive a letter from the Office for Civil Rights (“OCR”). The letter will state that OCR received a...
Have you ever wondered what exactly triggers a breach case investigated by Health and Human Services? While a number of things may attribute to an investigation, according to Deven McGraw, deputy director for health information privacy at the HHS Office for Civil Rights, nearly every breach case investigated by the department stems from a...
Deven McGraw, deputy director of the Department of Health and Human Services’ Office for Civil Rights has announced that the department’s plans for initiating onsite audits is currently on hold and will remain so until more than 200 desk audits have been completed. An article over on Data Breach Today gives us great detail on...
HealthIT Security has a very good article on OCR HIPAA activities. A key message is that not all OCR complaints result in HIPAA violations OCR will continue to focus “its enforcement efforts and its resources” in areas of alleged non-compliance and “where corrective action under HIPAA may be the only remedy.” In terms of OCR...
Back in March, we reported that OCR had announced its Phase 2 Audit Program. When we last heard from OCR about Phase 2 HIPAA Audits, we saw that emails were being sent to Covered Entities and Business Associates. The purpose of the emails was to verify and expand the OCR HIPAA audit pool. We wrote...
HIPAA Secure Now! President and CEO writes an article for Physicians Practice called: Don’t Let HIPAA Audits, Ransomware Sink Your Practice At the same time medical practices are faced with the increased likelihood of a HIPAA audit, hackers hover around waiting to steal patients’ personal data and/or hold it hostage through ransomware scams. These practices...
Back in March, we reported that OCR had announced its Phase 2 Audit Program. OCR stated that they would compile a database of both Covered Entities and Business Associates to form the basis of the pool of organizations potentially targeted for audit. They have followed up on their intentions and in the last week organizations...
Watch HSN CEO discuss the next round of HIPAA Audits
© 2023 · HIPAA Secure Now!
Recent Comments