By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
Health Works CollectiveHealth Works CollectiveHealth Works Collective
  • Health
    • Mental Health
  • Policy and Law
    • Global Healthcare
    • Medical Ethics
  • Medical Innovations
  • News
  • Wellness
  • Tech
Search
© 2023 HealthWorks Collective. All Rights Reserved.
Reading: 2011-2012 HIPAA Audits Have Begun: Are You Ready to Prove HIPAA Compliance?
Share
Notification Show More
Font ResizerAa
Health Works CollectiveHealth Works Collective
Font ResizerAa
Search
Follow US
  • About
  • Contact
  • Privacy
© 2023 HealthWorks Collective. All Rights Reserved.
Health Works Collective > Technology > 2011-2012 HIPAA Audits Have Begun: Are You Ready to Prove HIPAA Compliance?
Technology

2011-2012 HIPAA Audits Have Begun: Are You Ready to Prove HIPAA Compliance?

onlinetech
onlinetech
Share
4 Min Read
2011-2012 HIPAA Audit Timeline
SHARE

Back in August, I blogged about the upcoming 2011 HIPAA Violations and Audits, and news of the government’s $9.2 million contract with auditing firm KPMG. Now that the OCR has officially launched its HIPAA Audit Program, even more relevant information has been released:

Back in August, I blogged about the upcoming 2011 HIPAA Violations and Audits, and news of the government’s $9.2 million contract with auditing firm KPMG. Now that the OCR has officially launched its HIPAA Audit Program, even more relevant information has been released:

  • Who: Every covered entity and business associate is eligible (although the program site states that “Business Associates will be included in future audits,” suggesting they won’t be addressed in this audit). HHS.gov states that the OCR may consider covered individual and organizational providers of health services, health plans of sizes and functions, and healthcare clearinghouses may be considered as well.
  • What: OCR is piloting a program to perform up to 150 audits of covered entities to assess privacy and security compliance.
  • Why: To satisfy the American Recovery and Reinvestment Act of 2009 (ARRA) Section 13411 of the HITECH Act and to check compliance with HIPAA Privacy and Security Rules and Breach Notification standards.
  • When: November 2011-December 2012.

Three Steps to the HIPAA Audit Process

  1. Staged in a three-step process, the first step was developing audit protocols.
  2. The second step will be the initial wave of audits in November 2011. This step will help shape how the rest of the audits will be conducted.
  3. Finally, the third step will be the full range of conducted audits.

How Will the Audit Program Work?

More Read

How Can Technology Play a Role in Addiction Treatment?
How Can A Custom Healthcare App Help Wellness Centers And Doctors?
Collaborating for Community Health Innovation
Innovation without Diligence Negatively Impacts Healthcare Access
Teamwork + SXSW + Minecraft + Healthcare = Sum Greater Than Parts
  1. Entities selected for an audit will be notified by the OCR and will have to provide documentation of privacy and security compliance efforts.
  2. Every audit requires a site visit and an audit report.
  3. Site visits will include interviews with key personnel and general observation of processes and operations to help determine compliance.
  4. After the site visit, auditors will give the entity a draft report showing how the audit was conducted, audit findings, and what actions the entity is taking in response to the findings.
  5. Before the report is finalized, the entity has a chance to discuss concerns and describe corrective actions taken to address those concerns.
  6. Final OCR report will include the steps the entity has taken to resolve compliance issues and describe the best practices of the entity.

Simplified Audit Schedule

2011-2012 HIPAA Audit Timeline

What is the OCR Planning to Get From These Audits?

The OCR will use the audit reports to determine what types of technical assistance needs to be developed and what types of correction action are most effective.

Need More HIPAA Guidance?

If you’re not sure your hosting solution is HIPAA compliant, or if your patient health information (PHI) is being secured in a HIPAA compliant data center, check out the Five Questions to Ask Your HIPAA Hosting Provider to get informed.

Looking for more information on the latest HIPAA ongoings? Check our HIPAA compliance blog category, HIPAA FAQ, or watch our recent HIPAA webinars to get educated on what you need to be HIPAA compliant.

TAGGED:2011 hipaa audits2012 hipaa auditshipaa audit processHIPAA compliant hostingHIPAA hostingOCR hipaa audit program
Share This Article
Facebook Copy Link Print
Share

Stay Connected

1.5kFollowersLike
4.5kFollowersFollow
2.8kFollowersPin
136kSubscribersSubscribe

Latest News

a woman walking on the hallway
6 Easy Healthcare Ways to Sit Less and Move More Every Day
Health
September 9, 2025
Clinical Expertise
Healthcare at a Crossroads: Why Leadership Matters More Than Ever
Global Healthcare
September 9, 2025
travel nurse in north carolina
Balancing Speed and Scope: Choosing the Nursing Degree That Fits Your Goals
Nursing
September 1, 2025
intimacy
How to Keep Intimacy Comfortable as You Age
Relationship and Lifestyle Senior Care
September 1, 2025

You Might also Like

New Technologies at Medtech Startups, October 2011

October 31, 2011
BusinessDiagnosticseHealthMedical InnovationsTechnology

The Potential and Challenges for Internet of Things in Healthcare

February 2, 2018

California’s Plan for Telehealth

March 7, 2011
Medical InnovationsTechnology

4 Healthcare IT Technologies Set to Take Over This Year

May 1, 2018
Subscribe
Subscribe to our newsletter to get our newest articles instantly!
Follow US
© 2008-2025 HealthWorks Collective. All Rights Reserved.
  • About
  • Contact
  • Privacy
Welcome Back!

Sign in to your account

Username or Email Address
Password

Lost your password?