Potential Financial Risks of Being Unprepared for the OCR HIPAA Compliance Audit Program

HIPAA rising costs

compliments of hipaajournal.com

April 1, 2016. This week we have highlighted in our blog posts aspects of the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) HIPAA Compliance Audit Program that OCR announced as underway on March 21, 2016. In this post, we want to highlight the potential financial consequences of being found non-compliant as a result of an audit. A measure of these potential financial consequences is drawn from four 2016 settlements with HIPAA safeguard violators as outlined in HHS press announcements:

 

These are just snapshots in the past two months of the financial consequences for failure to comply with HIPAA/HITECH Act safeguard regulations. HIPAA Integrity recommends that you download and read the OCR resolution agreements and corrective action plans to get a complete picture of the violations and the costly non-financial-penalty consequences in terms of time, human resources, and HHS required reporting to achieve compliance prior to discovery of non-compliance in a compliance audit or complaint or breach investigation.

 

Toward that end, make sure your documentation is in order before receiving a request to send policies and procedures to the Office for Civil Rights (OCR) for a desk audit. Note that in three of the four violations above, “policies and procedures” were mentioned as being absent or insufficient.

 

HIPAA Integrity can get your organization on the documented path to compliance today with its downloadable HIPAA Integrity Safeguard Compliance Tool Package (Version 3.0). This Package, with its written compliance tools, is designed for covered entities and business associates to document and successfully demonstrate safeguard compliance for either a desk or onsite audit. The HIPAA Integrity Safeguard Compliance Tool Package (Version 3.0) is comprised of an easy-to-follow tabular risk analysis template; 92 written generic safeguard policies and procedures that a covered entity or business associate must have in place and that can readily be tailored to its risk analysis findings; 22 authorization and maintenance forms accompanying safeguard procedures; and the safeguard training curriculum in five lessons with test questions for administration by Privacy and Security Officials to their workforce members. Each component of the package is linked via proprietary code and written in plain language. HIPAA Integrity also includes guidance, online accessible authoritative references, and OCR audit protocols. HIPAA Integrity’s initial first year membership, which includes any updates, is an affordable $499 ($449 through Sunday, April 3) and immediately downloadable after payment fulfillment. Purchasers have the option of renewing annually thereafter for $99, which includes any updates and version changes. Register for additional information and Package sample documentation. It is no April Fool’s Joke that HIPAA Integrity is a much more cost-effective option than being selected for an OCR desk audit and found non-compliant as the examples above clearly demonstrate.

Categories



Archives

  • October 2017 (1)
  • August 2017 (3)
  • July 2017 (1)
  • June 2017 (7)
  • May 2017 (12)
  • April 2017 (10)
  • March 2017 (2)
  • February 2017 (3)
  • January 2017 (4)
  • December 2016 (4)
  • November 2016 (7)
  • October 2016 (7)
  • September 2016 (2)
  • August 2016 (1)
  • July 2016 (3)
  • June 2016 (1)
  • May 2016 (1)
  • April 2016 (8)
  • March 2016 (6)
  • February 2016 (2)
  • December 2015 (1)
  • November 2015 (1)
  • October 2015 (4)
  • September 2015 (1)
  • June 2015 (8)
  • May 2015 (3)
  • April 2015 (2)
  • March 2015 (1)
  • November 2014 (1)
  • September 2014 (15)
  • August 2014 (6)
  • July 2014 (1)
  • June 2014 (13)
  • May 2014 (11)
  • April 2014 (13)
  • March 2014 (6)
  • February 2014 (12)
  • January 2014 (3)
  • December 2013 (1)