Upsurge in HIPAA Audits

Uncategorized No Comments

Upsurge in HIPAA Audits

There has been a considerable increase in Health Insurance Portability and Accountability Act (HIPAA) activity. Common HIPAA violations have ranged from stolen workplace computers to misuse of personal health information by contractors. As a result, record setting levels of HIPAA enforcement and fines were documented in 2016.

The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) settled alleged HIPAA violations with 12 healthcare organizations in 2016.  Approximately $23 million in fines were collected by OCR to resolve these alleged HIPAA violations. Seven of these settlements were in excess of $1,500,000 (See:  OCR HIPAA Enforcement: Summary of 2016 HIPAA Settlements). So far, substantial HIPAA fines and settlements have been made in 2017 as well. It appears this upsurge in audits will continue to increase.

What are some basic tips to help prepare an organization for a HIPAA Audit?

  1. Run an up-to-date risk assessment that evaluates how vulnerable your organization is to security breaches.
  2. Ensure policies and procedures are current and regularly updated.
  3. Confirm that your training program(s) are well-managed, active and up-to-date.
  4. Triple-check your processes to make sure employees are implementing guidelines. Be certain that employees understand their security duties, how and where all protected health information is warehoused, and are readily able to describe how they act on their compliance duties in their day-to-day work. Specifically, ensure everyone who could potentially be involved in a HIPAA breach process understands their roles when reporting incidents.
  5. Make sure documentation is organized and accessible for an auditor.

Brown Consulting, Ltd. can help you guarantee HIPAA compliance!

We have over 30 years of experience helping behavioral health organizations meet HIPAA requirements! Our HIPAA Compliance Analysis involves reviewing your current processes, providing recommendations, and providing you with concrete examples of plans, policies and procedures, forms, contracts, positions descriptions and other documentation to ensure your organization is successful.  Services also include interactive work-groups and training with staff.

 

-Megan Phillips, M.A.

 

References:

http://www.hipaajournal.com/ocr-hipaa-enforcement-summary-2016-hipaa-settlements-8646/