Did you always think compliance with HIPAA was cumbersome and expensive? Think again! It's non-compliance that can cause you twice the trouble! The Office for Civil Rights has been doling out fines to ensure that all healthcare entities take notice of HIPAA compliance, and consequently there have been nine settlements since June 1, 2013, totaling more than $10 million.
The penalties issued to non-compliant healthcare entities to date clearly reveal the seriousness of OCR’s HIPAA enforcement efforts. Jerome B. Meites, OCR chief regional counsel for the Chicago area, believes that the office aims to send a strong message through high-impact cases. The penalties for HIPAA violations over the past year are most likely to “pale in comparison” to those of the next 12 months, a U.S. Department of Health and Human Services attorney recently told an American Bar Association conference.
The OCR Focus
According to the OCR, the investigations are to have a limited focus, with fewer onsite visits when HIPAA audits resume this fall. Meites further stated that the OCR has yet to decide which organizations will be selected from a list of 1,200 candidates (comprising 800 healthcare providers, health plans or clearinghouses, and 400 of their business associates).
Stay Prepared
Ever since federal reporting was mandated in September 2009, the records of nearly 31.7 million people have been exposed. Clearly, the need of the hour is to be fully compliant with HIPAA rules at all times! Considering that the number of breaches on the U.S. Department of Health and Human Services’ “wall of shame” topped 1,000 this month, with almost 34 breaches in June, every healthcare organization needs to “Stay Prepared”. Furthermore, given the potentially dire consequences of HIPAA violations, it is imperative for every healthcare enterprise to assess its HIPAA compliance status and check its readiness for the audit.
A Step in the Right Direction
Besides implementing best practices and conducting risk analysis on an ongoing basis, it is time to take a step in the right direction. Adopting solutions like Aegify Security Posture Management, Aegify SecureGRC and Aegify Risk Manager can prove beneficial if you wish to give your entity a security advantage. With built-in vulnerability scanning technology, security and compliance monitoring become simple and effective. This platform can keep breaches away and help avoid HIPAA penalties with a comprehensive information security and HIPAA compliance framework.