By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
Health Works CollectiveHealth Works CollectiveHealth Works Collective
  • Health
    • Mental Health
  • Policy and Law
    • Global Healthcare
    • Medical Ethics
  • Medical Innovations
  • News
  • Wellness
  • Tech
Search
© 2023 HealthWorks Collective. All Rights Reserved.
Reading: 2011-2012 HIPAA Audits Have Begun: Are You Ready to Prove HIPAA Compliance?
Share
Notification Show More
Font ResizerAa
Health Works CollectiveHealth Works Collective
Font ResizerAa
Search
Follow US
  • About
  • Contact
  • Privacy
© 2023 HealthWorks Collective. All Rights Reserved.
Health Works Collective > Technology > 2011-2012 HIPAA Audits Have Begun: Are You Ready to Prove HIPAA Compliance?
Technology

2011-2012 HIPAA Audits Have Begun: Are You Ready to Prove HIPAA Compliance?

onlinetech
onlinetech
Share
4 Min Read
2011-2012 HIPAA Audit Timeline
SHARE

Back in August, I blogged about the upcoming 2011 HIPAA Violations and Audits, and news of the government’s $9.2 million contract with auditing firm KPMG. Now that the OCR has officially launched its HIPAA Audit Program, even more relevant information has been released:

Back in August, I blogged about the upcoming 2011 HIPAA Violations and Audits, and news of the government’s $9.2 million contract with auditing firm KPMG. Now that the OCR has officially launched its HIPAA Audit Program, even more relevant information has been released:

  • Who: Every covered entity and business associate is eligible (although the program site states that “Business Associates will be included in future audits,” suggesting they won’t be addressed in this audit). HHS.gov states that the OCR may consider covered individual and organizational providers of health services, health plans of sizes and functions, and healthcare clearinghouses may be considered as well.
  • What: OCR is piloting a program to perform up to 150 audits of covered entities to assess privacy and security compliance.
  • Why: To satisfy the American Recovery and Reinvestment Act of 2009 (ARRA) Section 13411 of the HITECH Act and to check compliance with HIPAA Privacy and Security Rules and Breach Notification standards.
  • When: November 2011-December 2012.

Three Steps to the HIPAA Audit Process

  1. Staged in a three-step process, the first step was developing audit protocols.
  2. The second step will be the initial wave of audits in November 2011. This step will help shape how the rest of the audits will be conducted.
  3. Finally, the third step will be the full range of conducted audits.

How Will the Audit Program Work?

More Read

Left to Our Own Devices
The Critical Role of Maintenance Management Software in Healthcare
Who Needs a Patient Relationship When You Have an EHR?
Molecular, Genomic Diagnostic Service Lab Raising Funds for Personalized Medicine
Five of the Coolest “Bots” in Medicine [INFOGRAPHIC]
  1. Entities selected for an audit will be notified by the OCR and will have to provide documentation of privacy and security compliance efforts.
  2. Every audit requires a site visit and an audit report.
  3. Site visits will include interviews with key personnel and general observation of processes and operations to help determine compliance.
  4. After the site visit, auditors will give the entity a draft report showing how the audit was conducted, audit findings, and what actions the entity is taking in response to the findings.
  5. Before the report is finalized, the entity has a chance to discuss concerns and describe corrective actions taken to address those concerns.
  6. Final OCR report will include the steps the entity has taken to resolve compliance issues and describe the best practices of the entity.

Simplified Audit Schedule

2011-2012 HIPAA Audit Timeline

What is the OCR Planning to Get From These Audits?

The OCR will use the audit reports to determine what types of technical assistance needs to be developed and what types of correction action are most effective.

Need More HIPAA Guidance?

If you’re not sure your hosting solution is HIPAA compliant, or if your patient health information (PHI) is being secured in a HIPAA compliant data center, check out the Five Questions to Ask Your HIPAA Hosting Provider to get informed.

Looking for more information on the latest HIPAA ongoings? Check our HIPAA compliance blog category, HIPAA FAQ, or watch our recent HIPAA webinars to get educated on what you need to be HIPAA compliant.

TAGGED:2011 hipaa audits2012 hipaa auditshipaa audit processHIPAA compliant hostingHIPAA hostingOCR hipaa audit program
Share This Article
Facebook Copy Link Print
Share

Stay Connected

1.5kFollowersLike
4.5kFollowersFollow
2.8kFollowersPin
136kSubscribersSubscribe

Latest News

Nurse Scheduling Software
Evaluating 7 Best Nurse Scheduling Software
Nursing Technology
October 28, 2025
contamination
Batch Failures And The Hidden Costs Of Contamination
Health Infographics
October 21, 2025
Medication Management For Seniors
Simplifying Medication Management For Seniors
Infographics Senior Care
October 21, 2025
Guide To Pursuing a Career in Nursing as a Foreigner in the USA
Collaboration Is the Prescription for Better Patient Care
Health
October 20, 2025

You Might also Like

biopharma beat
BusinesseHealthGlobal HealthcareMedical InnovationsTechnology

BioPharma Beat: 7 Drivers of Disruptive Innovation in Healthcare

April 3, 2014

Playing for Better Health with BioGaming

March 28, 2014

Did You Miss the Bus at HIMSS 2014?

February 28, 2014
Medical DevicesTechnology

How PCB Design Can Improve Medical Electronics

August 26, 2018
Subscribe
Subscribe to our newsletter to get our newest articles instantly!
Follow US
© 2008-2025 HealthWorks Collective. All Rights Reserved.
  • About
  • Contact
  • Privacy
Welcome Back!

Sign in to your account

Username or Email Address
Password

Lost your password?