By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
Health Works CollectiveHealth Works CollectiveHealth Works Collective
  • Health
    • Mental Health
    Health
    Healthcare organizations are operating on slimmer profit margins than ever. One report in August showed that they are even lower than the beginning of the…
    Show More
    Top News
    Reasons For Hair Loss and Its Treatment
    Reasons For Hair Loss and Its Treatment
    February 16, 2022
    healthcare organization
    5 Actionable Strategies For Healthcare Organizations
    August 15, 2022
    7 Truths and Myths about Being a Full-time Emergency Doctor in a Big Hospital
    7 Truths and Myths about Being a Full-time Emergency Doctor in a Big Hospital
    October 6, 2022
    Latest News
    Beyond Nutrition: Everyday Foods That Support Whole-Body Health
    June 15, 2025
    The Wide-Ranging Benefits of Magnesium Supplements
    June 11, 2025
    The Best Home Remedies for Migraines
    June 5, 2025
    The Hidden Impact Of Stress On Your Body’s Alignment And Balance
    May 22, 2025
  • Policy and Law
    • Global Healthcare
    • Medical Ethics
    Policy and Law
    Get the latest updates about Insurance policies and Laws in the Healthcare industry for different geographical locations.
    Show More
    Top News
    Seven Senior Health Tips For The Holidays
    December 21, 2011
    Medicaid to Fund ‘Stay-Healthy’ Incentive Programs
    September 12, 2017
    Health Affairs Briefing Addresses Costly Consequences of Diabetes Treatment in America
    January 12, 2012
    Latest News
    Let Your Lawyer Handle the Work Before You Pay Medical Costs
    July 6, 2025
    Top HIPAA-Compliant Messaging Apps for Healthcare Teams
    June 25, 2025
    When Healthcare Ends, the Legal Process Begins: What Families Should Know About Probate and Medical Estates
    June 20, 2025
    Preventing Contamination In Healthcare Facilities Starts With Hygiene
    June 15, 2025
  • Medical Innovations
  • News
  • Wellness
  • Tech
Search
© 2023 HealthWorks Collective. All Rights Reserved.
Reading: OCR Just Finalized its Audit Protocols – Are You Feeling Confident About Your HIPAA Compliance?
Share
Notification Show More
Font ResizerAa
Health Works CollectiveHealth Works Collective
Font ResizerAa
Search
Follow US
  • About
  • Contact
  • Privacy
© 2023 HealthWorks Collective. All Rights Reserved.
Health Works Collective > Business > OCR Just Finalized its Audit Protocols – Are You Feeling Confident About Your HIPAA Compliance?
BusinessPolicy & Law

OCR Just Finalized its Audit Protocols – Are You Feeling Confident About Your HIPAA Compliance?

Dan Stempel
Dan Stempel
Share
5 Min Read
HIPAA-Compliance.png
SHARE

HIPAA-Compliance.png

Contents
There’s No Reason for Panic — Just PreparationPossibility for Consequences?

A friendly reminder that, with the recent HHS Office of Civil Rights announcement, covered entities may soon be facing some unwelcome audits. Now’s the time to review compliance.

HIPAA-Compliance.png

A friendly reminder that, with the recent HHS Office of Civil Rights announcement, covered entities may soon be facing some unwelcome audits. Now’s the time to review compliance.

More Read

Patient Responsibility – What to do if they Won’t Take Any?
Collaboration, Consolidation Should Define 2014 for Health Tracking Wearables, Apps
Physician Survey 2013 – Physician Burnout and Stress in Healthcare
When Is a Mammogram Not a Mammogram?
The Impact of HITECH & HIPAA on Data Centers

HIPAA compliance can sometimes feel like changing the oil in your car: inarguably necessary, a serious problem when left unchecked, yet tedious enough that some are willing to let the task slide. The difference, of course, is that one is bad for your engine while the other is a federally mandated and legally enforceable standard.

Friendly reminder: the HHS Office of Civil Rights (OCR) recently announced the Phase II launch of its HIPAA audit program, part of the 2009 HITECH Act. And with their finalized Audit Protocol published on April 8th, all signs point to the OCR soon getting down to brass tacks.

This needn’t be cause for alarm. But if covered entities or their business associates haven’t recently ensured that their compliance is watertight — especially regarding the measurement of referral and appointment activity — there’s definitely no time like the present.

There’s No Reason for Panic — Just Preparation

Files.jpg

Audits are tentatively set to begin sometime in May, according to OCR official Devin McGraw via Politico, at which point randomly selected covered entities will receive an email announcing their fates (they recommend checking spam folders).

Business associates, who are also subject to individual audits, will be subject to audits in June or July. The agency plans to conduct roughly 200 remote desk audits, to be completed by December 2016, and anywhere from 10-25 “full scale” field audits thereafter, according to Healthcare Info Security. If you’re uncomfortable with the vagueness of this plan, you’re not alone.

The good news is that the majority of organizations will not be audited. However, if selected, entities will have a mere ten business days to prepare and submit all relevant documents via a secure online portal. Desk audits may (or may not) entail just a review of policies, or pertain to only one of the three HIPAA Rules: Privacy, Security, or Breach Notification. However, certain charmed organizations may, in fact, get to experience the unique joy of both desk and on-site audits.

Possibility for Consequences?

Officially, Phase II OCR audits are relatively benign, designed to “develop tools and guidance to assist the industry in compliance self-evaluation and in preventing breaches.” Nevertheless, they will open a formal investigation, should they find a “serious compliance issue,” however defined. And while OCR won’t publish the audit results (or even list which companies are audited), the whole process is subject to the Freedom of Information Act (FOIA), which means that journalists or other public agents can legally publish results. 

You may recall that 115 covered entities were audited in 2011 during Phase 1 of program, unearthing major compliance breaches; 89% were found to have compliance issues, and smaller organizations tended to struggle in multiple areas. 

Given the involvement of business associates — many of whom are not primarily dedicated to healthcare — one of the most difficult compliance aspects to cover will be Protected Health Information (PHI) and ePHI (electronic PHI). For instance, if your marketing agency measures referral and appointment activity, they’re likely in the domain of PHI and will need to be in solid compliance.

The bottom line is that if you haven’t implemented HIPAA privacy and security policies and procedures, recently conducted an inventory of relevant assets, or regularly completed risk assessments, then now is probably your last chance to do so before the audit process begins.

In the end, however, integrating a comprehensive HIPAA compliance program will keep you from running afoul of any regulatory standards that may come down the pipeline. The HHS is only conducting these audits in order to better enforce compliance standards in the future. So while you may or may not be audited this year, you and your digital marketing vendors must be prepared to stand up to scrutiny at any time.

Targeted Medical Marketing, Digital Marketing

(Image credit: Medill DC/flickr)

TAGGED:HIPAAHIPAA compliance
Share This Article
Facebook Copy Link Print
Share

Stay Connected

1.5kFollowersLike
4.5kFollowersFollow
2.8kFollowersPin
136kSubscribersSubscribe

Latest News

Health Tips For Women
Top 5 Health Tips For Women Over 45
Women Health
July 7, 2025
car accident lawsuit
Let Your Lawyer Handle the Work Before You Pay Medical Costs
Policy & Law
July 6, 2025
women dental care
What Is a Smile Makeover and How Much Does It Cost?
Dental health
June 30, 2025
HIPAA-Compliant Messaging Apps
Top HIPAA-Compliant Messaging Apps for Healthcare Teams
Global Healthcare Policy & Law Technology
June 25, 2025

You Might also Like

Health care

What Does Medicare Cost in 2022?

May 18, 2022
Image
BusinessHealth Reform

Health Insurance Monopoly

March 23, 2011
price of medical care
BusinessPolicy & LawPublic Health

Leave No Patient on the Battlefield

June 12, 2014

OCR HIPAA Audits Finally Kick Off – Do They Matter?

November 9, 2011
Subscribe
Subscribe to our newsletter to get our newest articles instantly!
Follow US
© 2008-2025 HealthWorks Collective. All Rights Reserved.
  • About
  • Contact
  • Privacy
Welcome Back!

Sign in to your account

Username or Email Address
Password

Lost your password?