HIPAA Checkup – How Good Are Your Policies and Procedures?

Although it is not a new requirement, it is important and therefore worth a reminder:  HIPAA requires covered entities to establish and implement written policies and procedures that are consistent with its Privacy and Security Rules.

As discussed in an earlier blog, the U.S. Department of Health and Human Services, Office for Civil Rights (“OCR”) has begun its Phase 2 HIPAA Audit Program.  The Program will focus on the policies and procedures adopted and employed by covered entities and their business associates to meet the requirements of the Privacy, Security, and Breach Notification Rules.  Furthermore, if a group health plan is selected for an audit, it would have a very short time to produce its policies and procedures (i.e., 10 business days).  Read More ›

Posted in Employee Benefits, Health & Welfare Plans | Tagged , , , , ,

Share this Article: