By Jonathan Krasner – Back in March, we reported that OCR had announced its Phase 2 Audit Program. OCR stated that they would compile a database of both Covered Entities and Business Associates to form the basis of the pool of organizations potentially targeted for audit. They have followed up on their intentions and in the last week organizations have started to receive contact emails from OCR.
Read More
By Bob Grant – The HHS Office for Civil Rights released an updated Audit Protocol that it plans to use while investigating health care entities for HIPAA compliance. The biggest change to the audit protocol is the distinction that OCR has made between what’s required of Business Associates and Covered Entities.
By Bob Grant – As of March 22, 2016, the Office for Civil Rights (OCR) has officially begun their Phase 2 HIPAA Privacy, Security, and Breach Notification Audit Program. This announcement comes after months of speculation and preparation for the eventual roll-out of this new program. Luckily, with Compliancy Group you won’t have to go it alone.
If you’re unfamiliar with our series of live educational webcasts, this is the month to join us as we tackle three topics impacting the entire industry – HIPAA Audits, MIPS and cybersecurity. All of our events are free to join. Here is the April schedule.
By Jonathan Krasner – Although HIPAA is an important set of laws passed to protect the sensitive medical information handled by millions of covered entities and business associates, HHS Office for Civil Rights has never established a permanent compliance audit program.
By Steve Spearman – Once upon a time, all a healthcare organization needed to do to ensure that its vendors and subcontractors would keep data secure was to require it in their contractual agreement. However OCR’s recent efforts to strengthen what it believes could be the weakest link in HIPAA compliance and PHI security: vendors and subcontractors.
By Steve Spearman – Last week, in Washington, D.C., NIST and OCR held their 8th annual Safeguarding Health Information: Building Assurance through HIPAA Security seminar. Here are some of the major takeaways and big announcements that came out of that conference.
By Matt Fisher – After waiting with bated breath for almost a year, the day when full scale HIPPA audits will start is almost here. During a keynote address the the HIPAA Security Conference co-hosted by the HHS Office for Civil Rights and the National Institute of Standards and Technology (“NIST”), OCR Director Jocelyn Samuels revealed that the day when audits will start is getting closer.
By Art Gross – Now that the 2015 HIPAA Audits have begun, organizations are reevaluating their HIPAA compliance posture. This is a good thing being that an organization will have very little time to respond to pre-audit and audit inquiries from the Office of Civil Rights (OCR).