Breaking Compliance News Blog

HIPAA Audits Are Coming: Are You Ready?

Posted by Margaret Scavotto, JD, CHC on 3/17/14 4:23 PM

Find me on:

The Department of Health and Human Services (HHS) recently announced that it will conduct a “HIPAA Covered Entity and Business Associate Pre-Audit Survey." It will conduct a survey of 800 covered entities and 400 business associates to determine whether they are appropriate participants for the Office of Civil Rights (OCR) HIPAA Audit Program.

The audit will evaluate covered entities’ and business associates’ compliance with the HIPAA Privacy, Security and Breach Notification Rules.

In other words: more HIPAA audits are coming. If you are selected, you can expect to have HHS review the following:

  • Privacy Rule requirements for (1) notice of privacy practices for PHI, (2) rights to request privacy protection for PHI, (3) access of individuals to PHI, (4) administrative requirements, (5) uses and disclosures of PHI, (6) amendment of PHI, and (7) accounting of disclosures.
  • Security Rule requirements for administrative, physical, and technical safeguards
  • Breach Notification Rule requirements*

Now is the time to make sure you have addressed HIPAA Privacy, Security and Breach Notification Rules in your organization. Are you confident that you could competently respond to an OCR HIPAA audit? For help implementing HIPAA, see MPA’s HIPAA Guidance page.


Are you HIPAA  compliant?  Free HIPAA  Assessment


Topics: Breaking Compliance News Blog, Auditing and Monitoring, HIPAA

    Privacy Policy           Terms of Use