By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
Health Works CollectiveHealth Works CollectiveHealth Works Collective
  • Health
    • Mental Health
  • Policy and Law
    • Global Healthcare
    • Medical Ethics
  • Medical Innovations
  • News
  • Wellness
  • Tech
Search
© 2023 HealthWorks Collective. All Rights Reserved.
Reading: 2011-2012 HIPAA Audits Have Begun: Are You Ready to Prove HIPAA Compliance?
Share
Notification Show More
Font ResizerAa
Health Works CollectiveHealth Works Collective
Font ResizerAa
Search
Follow US
  • About
  • Contact
  • Privacy
© 2023 HealthWorks Collective. All Rights Reserved.
Health Works Collective > Technology > 2011-2012 HIPAA Audits Have Begun: Are You Ready to Prove HIPAA Compliance?
Technology

2011-2012 HIPAA Audits Have Begun: Are You Ready to Prove HIPAA Compliance?

onlinetech
onlinetech
Share
4 Min Read
2011-2012 HIPAA Audit Timeline
SHARE

Back in August, I blogged about the upcoming 2011 HIPAA Violations and Audits, and news of the government’s $9.2 million contract with auditing firm KPMG. Now that the OCR has officially launched its HIPAA Audit Program, even more relevant information has been released:

Back in August, I blogged about the upcoming 2011 HIPAA Violations and Audits, and news of the government’s $9.2 million contract with auditing firm KPMG. Now that the OCR has officially launched its HIPAA Audit Program, even more relevant information has been released:

  • Who: Every covered entity and business associate is eligible (although the program site states that “Business Associates will be included in future audits,” suggesting they won’t be addressed in this audit). HHS.gov states that the OCR may consider covered individual and organizational providers of health services, health plans of sizes and functions, and healthcare clearinghouses may be considered as well.
  • What: OCR is piloting a program to perform up to 150 audits of covered entities to assess privacy and security compliance.
  • Why: To satisfy the American Recovery and Reinvestment Act of 2009 (ARRA) Section 13411 of the HITECH Act and to check compliance with HIPAA Privacy and Security Rules and Breach Notification standards.
  • When: November 2011-December 2012.

Three Steps to the HIPAA Audit Process

  1. Staged in a three-step process, the first step was developing audit protocols.
  2. The second step will be the initial wave of audits in November 2011. This step will help shape how the rest of the audits will be conducted.
  3. Finally, the third step will be the full range of conducted audits.

How Will the Audit Program Work?

More Read

Health Start-Ups!: A Potential Breakthrough Toward a Cure For Type 1 Diabetes
Big Data = Big Brother? Leveraging Transaction Data for Better Healthcare
TalkItt: An App That Gives Voice to the Speech Impaired
4th Annual FDA/MTLI Medical Device and IVD Statistics Workshop (Event)
Effective Healthcare Requires a Social Approach
  1. Entities selected for an audit will be notified by the OCR and will have to provide documentation of privacy and security compliance efforts.
  2. Every audit requires a site visit and an audit report.
  3. Site visits will include interviews with key personnel and general observation of processes and operations to help determine compliance.
  4. After the site visit, auditors will give the entity a draft report showing how the audit was conducted, audit findings, and what actions the entity is taking in response to the findings.
  5. Before the report is finalized, the entity has a chance to discuss concerns and describe corrective actions taken to address those concerns.
  6. Final OCR report will include the steps the entity has taken to resolve compliance issues and describe the best practices of the entity.

Simplified Audit Schedule

2011-2012 HIPAA Audit Timeline

What is the OCR Planning to Get From These Audits?

The OCR will use the audit reports to determine what types of technical assistance needs to be developed and what types of correction action are most effective.

Need More HIPAA Guidance?

If you’re not sure your hosting solution is HIPAA compliant, or if your patient health information (PHI) is being secured in a HIPAA compliant data center, check out the Five Questions to Ask Your HIPAA Hosting Provider to get informed.

Looking for more information on the latest HIPAA ongoings? Check our HIPAA compliance blog category, HIPAA FAQ, or watch our recent HIPAA webinars to get educated on what you need to be HIPAA compliant.

TAGGED:2011 hipaa audits2012 hipaa auditshipaa audit processHIPAA compliant hostingHIPAA hostingOCR hipaa audit program
Share This Article
Facebook Copy Link Print
Share

Stay Connected

1.5kFollowersLike
4.5kFollowersFollow
2.8kFollowersPin
136kSubscribersSubscribe

Latest News

dental care
Importance of Good Dental Care for Health and Confidence
Dental health Specialties
October 2, 2025
AI in Healthcare
AI in Healthcare: Technology is Transforming the Global Landscape
Global Healthcare Policy & Law Technology
October 1, 2025
Choosing the Right Swimwear for Health and Safety
News
September 30, 2025
sports concussions
Concussion In Sports: How Common They Are And What You Need To Know
Infographics
September 28, 2025

You Might also Like

telehealth
eHealthMedical DevicesMobile HealthRemote DiagnosticsTechnology

Despite the Penalties, Physician Visit Innovation Is Progressing

February 25, 2014

Science and Biotech Need to Engage More to Win Public Trust

March 19, 2013
medical data
eHealthHospital AdministrationMedical RecordsTechnology

Patient Context Workflow

November 13, 2013

Ingredients of an Effective Antibiotic Stewardship Program: Be Sure to Add Health IT and Medical Device Innovation

June 15, 2012
Subscribe
Subscribe to our newsletter to get our newest articles instantly!
Follow US
© 2008-2025 HealthWorks Collective. All Rights Reserved.
  • About
  • Contact
  • Privacy
Welcome Back!

Sign in to your account

Username or Email Address
Password

Lost your password?