Phase 1 of the HIPAA Audit Program officially ended and Phase 2 of the HIPAA Audit program was announced on March 21, 2016 by Health and Human Services. This is called the HIPAA Audit Program, and leverages the instructions, called the Audit Protocol, to test compliance. Part of the OCR’s focus is also to develop audit rules in its activities ensuring the industry is adopting compliance efforts, reducing risk of breaches and improving health care. The Office for Civil Rights (OCR) is a division of Health and Human Services with the responsibility to ensure industry compliance with an individual’s rights to Privacy, safeguards to electronic PHI and to investigate an organization’s diligence when breaches occur. As such, the federal government has stepped in to ensure measures are in place to secure ePHI, abide by privacy rules granting all of us access to our health information, and making it illegal to discover a breach and not take appropriate steps to notify those affected. Anthem/WellPoint breach, Premera, Blue Cross, and others in 2015), it is clear the industry has struggled with proper security of our electronic health information (ePHI). With the pinnacle of patient breaches hopefully behind us (e.g. For more up-to-date information, check out our more recent blogs, or contact us for a quick call.
Note: This blog was written a few years ago and there have been changes to HIPAA audit protocols not reflected here. OCR’s Updated HIPAA Audit Program – What you need to know
0 kommentar(er)
