HHS: Round 2 HIPAA Audit Details Revealed

HHS' Office for Civil Rights has released a report that contains the details of the upcoming round two of its HIPAA compliance audit program.

OCR auditors will access entity HIPAA compliance efforts through an updated protocol including new criteria that reflect the HIPAA omnibus rule changes. Any covered entity and any business associate of a covered entity are subject to the audits, according to the report. 

Under the HIPAA omnibus rule, business associates are directly liable for HIPAA compliance and subject to OCR enforcement penalties ranging up to $1.5 million per violation.

Beginning this summer, OCR will send pre-audit surveys to 550 to 800 covered entities, and OCR will select about 350 of those entities to actually audit.

Covered entities selected to be audited will receive notification and data requests in fall 2014 and be asked to identify their business associates. Business associates chosen to be audited will be notified in 2015, according to the report.  

More Articles on HIPAA Compliance:

10 Necessary Components of a HIPAA Business Associate Agreement
5 Tips to Reduce Third-Party HIPAA Risk 
5 Steps for Safeguarding PHI in the New Healthcare Environment 

Copyright © 2023 Becker's Healthcare. All Rights Reserved. Privacy Policy. Cookie Policy. Linking and Reprinting Policy.


Featured Whitepapers

Featured Webinars