OCR Releases HIPAA Privacy and Security Audit Protocol
Having completed an initial 20 HIPAA privacy and security compliance audits since last fall, and with 130 additional audits in the pipeline, OCR has just released its HIPAA privacy and security audit protocol, together with information about the audit pilot program.
Having completed an initial 20 HIPAA privacy and security compliance audits since last fall, and with 130 additional audits in the pipeline, OCR has just released its HIPAA privacy and security audit protocol, together with information about the audit pilot program. As always, information like this is extremely valuable to the regulated community. Covered entities and business associates should avail themselves of the information contained in the audit protocol and related materials so that they may prepare themselves for the eventuality of an audit or investigation — whether as part of the current audit plan or otherwise — and focus their compliance efforts.
From the OCR website:
The OCR HIPAA Audit program analyzes processes, controls, and policies of selected covered entities pursuant to the HITECH Act audit mandate. OCR established a comprehensive audit protocol that contains the requirements to be assessed through these performance audits. The entire audit protocol is organized around modules, representing separate elements of privacy, security, and breach notification. The combination of these multiple requirements may vary based on the type of covered entity selected for review.
- The audit protocol covers Privacy Rule requirements for (1) notice of privacy practices for PHI, (2) rights to request privacy protection for PHI, (3) access of individuals to PHI, (4) administrative requirements, (5) uses and disclosures of PHI, (6) amendment of PHI, and (7) accounting of disclosures.
- The protocol covers Security Rule requirements for administrative, physical, and technical safeguards.
- The protocol covers requirements for the Breach Notification Rule.
You may be interested
Balancing Smart Data With Cybersecurity for HospitalsKayla Matthews - August 11, 2017
It should come as no surprise that your discussions and interactions with physicians and health professionals influence diagnoses, prescriptions, visit…
4 Ways to Halt Testosterone Problems After 40JohnHenning - August 10, 2017
Among men of all ages, testosterone is an important hormone for regulating health. Men over the age of 65 tend…
The Growing Concerns About Teenagers’ Mental HealthAnnie Qureshi - August 7, 2017
The issue of adolescent mental health problems is a worrying one; although teenagers are stereotypically moody and distant, the number…