Health Information Management

OCR officially launches privacy, security audits

HIM-HIPAA Insider, November 15, 2011

Want to receive articles like this one in your inbox? Subscribe to HIM-HIPAA Insider!

The Office for Civil Rights (OCR) formally released its plans for HITECH-required HIPAA privacy and security audits on its website November 8.

OCR expects the initial round of audits to begin this month. And it also announced for the first time that in addition to covered entities, in the future business associates (BA) may also be subject to audits.
OCR will audit “as wide a range of types and sizes of covered entities as possible; covered individual and organizational providers of health services, health plans of all sizes and functions, and healthcare clearinghouses may all be considered for an audit.”
 
“We expect,” OCR continued, “covered entities to provide the auditors their full cooperation and support and remind them of their cooperation obligations under the HIPAA Enforcement Rule.”
 
Read more on the HIPAA Update blog.



Want to receive articles like this one in your inbox? Subscribe to HIM-HIPAA Insider!

Most Popular