The Top 13 HIPAA Deficiencies Discovered in 2013 OCR Audits

Health Care

January 30, 2014
by Rick Ensenbach, CISSP, CISA, CISM, ISSMP, CCSFP

Bookmark and Share
Rick Ensenbach Rick Ensenbach, CISSP, CISA, CISM, ISSMP, CCSFP
Manager

View Profile
 
 
If you think HIPAA compliance is old news, think again. The Department of Health and Human Services’ Office for Civil Rights (OCR) piloted its audit program between 2011 and 2012 and found some disturbing weaknesses. OCR announced in September that it’s launching its permanent audit program in 2014.
 
This time around, health care covered entities won’t be the only ones audited by OCR either. Business associates and their subcontractors who have been entrusted with protected health information (PHI) are also liable for compliance with the new HIPAA Omnibus Rule and, therefore, are subject to being audited.
 
In light of this news, health care organizations should evaluate their organization’s compliance with HIPAA by completing an annual risk assessment, updating their policies and procedures, and educating their work force, as well as revisiting their existing business associate agreements.
 

Download the article below to read more.


Average Rating:

Length: 2 pages (PDF 52 kB)



Rate this Article
*  =  required fields
Your Rating*
Name*
E-mail Address*
Company