Wednesday, May 11, 2016

OCR Releases New HIPAA Audit Protocol

Dianne De La Mare


The US Department of Health and Human Services, Office of Civil Rights (OCR) has released the new Health Insurance Portability and Accountability (HIPAA) Audit protocol, which reviews the policies and procedures adopted and employed by covered entities and business associates to meet selected standards and implementation specifications of the Privacy, Security, and Breach Notification Rules. 

These analyses are conducted using the new comprehensive audit protocol that has been updated to reflect the Omnibus Final Rule. The audit protocol is organized by Rule and regulatory provision and addresses separately the elements of privacy, security, and breach notification. The audits performed assess entity compliance with selected requirements and may vary based on the type of covered entity or business associate selected for review. 

Providers may submit feedback about the audit protocol to OCR at OSOCRAudit@hhs.gov.

No comments:

Post a Comment