Legal Alert: Office of Civil Rights to Conduct HIPAA Compliance Audits
Privacy and Data Protection Alert
Office of Civil Rights to Conduct HIPAA Compliance Audits
by Kathryn Hackett King and Rebecca A. Winterscheidt
Some employers will soon feel the impact of one of the major provisions of the 2009 economic stimulus package. Specifically, health care providers, health plans and health care clearinghouses will be the targets of new government audits focusing on Health Insurance Portability and Accountability Act of 1996 (HIPAA) privacy and security compliance.
HIPAA Compliance Audit Program
As part of the American Recovery and Reinvestment Act of 2009, the Health Information Technology for Economic and Clinical Health Act (the HITECH Act) amended certain provisions of HIPAA. The HITECH Act required the U.S. Department of Health and Human Services (DHHS) to develop procedures for periodically auditing covered entities and business associates to promote compliance with HIPAA’s privacy, security and breach notification standards.