OCR calls for feedback on HIPAA audits

By Anthony Brino
March 26, 2013
10:05 AM

The Department of Health and Human Services’ Office for Civil Rights is asking the 115 HIPAA-covered entities that were audited in 2012 to complete a survey about the experience.

In late March, OCR issued an information collection request in the Federal Register, as part of a review it’s conducting of the HIPAA audit program, which was required under the HITECH Act.

As it prepares to do similar audits of business associates under the final HIPAA privacy and security rule, OCR said the survey is intended to help federal health officials gauge the benefit and outcomes of the audit program by measuring the effect on covered entities.

[See also: Data breaches continue to climb.]

The survey will query providers, health plans and clearinghouses on their attitudes of the audit process and outcomes, such as document requests, site visits, findings and recommendations. OCR is also hoping to get a sense of the costs incurred by covered entities responding to audits, “in time and money,” and to assess whether the audits led to improved HIPAA compliance.

The 115 audits conducted last year were part of a pilot program that aimed to identify best practices, find security risks that may go undiscovered after breach complaints and to foster a culture of vigilance for managing personal health information — especially amid the transition from paper to digital records and as digital health data grows in quantity.

In addition to privacy and security audits, the HITECH Act also established breach notification requirements and new penalty levels. The HIPAA omnibus rule released in January also extends compliance coverage to business associates and continues OCR’s authority to audit and fine entities for breaches.

Bob Belfort, a partner in the healthcare practice at Manatt, Phelps & Phillips, said earlier this year that audits and fines are likely to continue as providers build their privacy and security systems.

[See also: Healthcare lawyer probes HIPAA rule.]

“We’re already seeing the beginning of more aggressive enforcement and stiffer penalties, more frequent penalties,” Belfort said. “And I think that trend will definitely accelerate.”

Topics: 
Privacy & Security, Government & Policy

More regional news

A hospital pathologist analysing images using an AI platform

Siriraj Piyamaharajkarun Hospital sets up AI-powered pathology service

By
Adam Ang
November 27, 2024
The U.S. Capitol, Washington, D.C.

Senators intro bipartisan bill to bolster healthcare cybersecurity

By
Mike Miliard
November 27, 2024
HHS building

OCR's HIPAA audit program lacked mettle, OIG says

By
Andrea Fox
November 27, 2024
Want to get more stories like this one? Get daily news updates from Healthcare IT News.
Your subscription has been saved.
Something went wrong. Please try again.

Top Story

The U.S. Capitol, Washington, D.C.
Senators intro bipartisan bill to bolster healthcare cybersecurity

Most Read

Epic calls on Carequality to release Particle dispute resolution
VP candidates' EHRs may have been improperly accessed by VA employees
5G will power the next evolutionary stage of healthcare in APAC
Healthcare workforces need to prep for deep fakes and AI-enabled cyberattacks
HHS finalizes 2024-2030 Federal Health IT Strategy 
Three key strategies for managing healthcare's distributed workforces

Research

White Papers

More Whitepapers

Patient Engagement
Patient Engagement
Financial/Revenue Cycle Management

Webinars

More Webinars

Imaging
Interoperability
Artificial Intelligence

Video

Dr Yongsuk Kim at Konyang University Hospital_HIMSS24 APAC
How AI drives a Korean research-centred hospital
Anahi Santiago at ChristianaCare_Healthcare Cybersecurity Forum 2024
CISO's tips for building a culture of cybersecurity
Paul Wilder at CommonWell Health Alliance_Part 2_Digital binary code with springing lock Photo by JuSun/iStock/Getty Images Plus
Notching up FHIR at scale - Part 2
Paul Wilder at CommonWell Health Alliance_Part 1_Digital binary code with springing lock Photo by JuSun/iStock/Getty Images Plus
Notching up FHIR at scale - Part 1

More Stories

Clinician stands, working with a tablet
Yale study shows how AI bias worsens healthcare disparities
A person checking their smartwatch-tracked fitness data on their smartphone.
Singapore tackling chronic diseases with wearables
A doctor in scrubs reviewing a patient's record on a digital tablet
$14M more for EMR implementation in Victoria and more...
Clinician in scrubs at a hospital computer
CommonSpirit partners up with U of U for clinical collaboration
David Miles at Oklahoma Heart Hospital_Part 2_Doctor holding health icon Photo by Tippapatt/iStock/Getty Images Plus
Switching from Cerner to Epic? Meet a CIO who made it out alive
Stethoscope on an iPad
HIMSSCast: Care provider or tool? When and why patients like AI
EHR tips on migrating an all-digital hospital to Epic
Patient in mask talking to receptionist in mask
Almost a quarter of Americans underinsured, survey finds