On Monday, March 21, 2016, the Health and Human Services Office for Civil Rights (“OCR”) began the long-awaited Phase II of OCR’s random audit program to determine compliance with the patient privacy provisions included in the Health Insurance Portability and Accountability Act (“HIPPA”). As we discussed earlier here, these audits will extend beyond simply covered entities and will also include business associates.

Covered entities and business associates will receive an email from OCR entitled “Audit Entity Contact Verification.”  This
Continue Reading HIPAA Phase II Audits Begin

After several months of delay, the Health and Human Services Office for Civil Rights (“OCR”) has selected a vendor to begin Phase II of OCR’s random HIPAA audits mandated by the HITECH Act.  The program’s first phase included over 100 pilot audits, and phase II was to have begun in late 2014. While the first round of audits included only covered entities, OCR will include business associates in the next round.  The audits will assess compliance with the HIPAA privacy,
Continue Reading Are You Prepared for HHS Office of Civil Rights Random HIPAA Audits?