Corporate Compliance

OCR hires contractor for HIPAA audit plan

Compliance Monitor, July 6, 2011

The Office for Civil Rights (OCR) has hired an organization to implement its HITECH-required HIPAA compliance auditing plan.

OCR went with KPMG of McLean, Va., to assist OCR in operating an audit program that effectively implements the statutory requirement to audit covered entity and business associate compliance with the HIPAA privacy and security standards as amended by HITECH.

According to a snapshot of the contract provided by the Department of Health and Human Services (HHS), KPMG in the $9.2 million contract will end up auditing 150 entities varying in size by Dec. 31, 2012.

HITECH required “periodic audits” of covered entities and business associates to ensure HIPAA compliance. OCR had hired Booz Allen Hamilton to recommend a model HIPAA auditing plan, and now has hired KPMG to implement it.

Read more on HIPAA Update.

Most Popular