MARCH 31, 2016. HIPAA Integrity suggest that you access and review the March 24, 2016, Health Data Management Slideshow entitled: “6 steps to surviving a HIPAA audit”. Each of the seven slides is prescriptive and informative and highlight the value of the HIPAA Integrity Safeguard Compliance Tool Package for preparing for an Office for Civil Rights (OCR) desk audit if so selected by OCR. Note particularly “Slide 3: Evaluate your privacy and security policies: Perform an in depth assessment of your current privacy and security policies and procedures….”
March 30, 2016. HIPAA Integrity suggests that you access and review and excellent recommendations in the March 28, 2016, posted advisory of Davis Wright Tremaine LLP (DWT) entitled: “OCR Phase 2 HIPAA Audits Are Here: What to Expect While You’re Expecting (an Audit).” Following the HIPAA Integrity post yesterday, we point out especially DWT’s last recommendation: “Be Current, but not too current,” noting OCR “may choose to not consider documents that are developed after the data request. So, now is the time to develop or update compliance documents.”
March 29, 2016. Last week, we posted information on the Office for Civil Rights (OCR) Compliance Audit Program that is “currently underway” and “will examine compliance with specific requirements” of the HIPAA Privacy, HIPAA Security, and HITECH Breach Notification Rules.
March 28, 2016. As a follow-up to our March 23rd blog post: OCR announces HIPAA/HITECH Act Compliance Audit Program, HIPAA Integrity provides here an image of the OCR automated request letter to covered entities and business associates for confirmation of current or updated email address and contact information, with response expected within 14 days. This is the first step in the desk compliance audit program.
On March 21, 2016, the Office for Civil Rights (OCR) of the U.S. Department of Health and Human Services (HHS) announced that its long-awaited HIPAA/HITECH Act Compliance Audit Program is underway. In its announcement, OCR stated: “The 2016 Phase 2 HIPAA Audit Program will review the policies and procedures adopted and employed by covered entities and their business associates to meet selected standards and implementation specifications of the [HIPAA] Privacy, [HIPAA] Security, and [HITECH Act] Breach Notification Rules. The audit program will be comprised first of desk audits and then onsite audits, with the former completed by the end of December 2016.
On March 10, 2016, Ed Jones, CEO and Author of the HIPAA Integrity products, will be conducting the following Webinar sponsored by the WEDI organization.