Prepare for tougher HIPAA enforcement in 2008
All types of covered entities are subject to investigation-including hospitals, pharmacies, health plans, and private practices--but PwC will target only those against which CMS has already received a complaint.
The audits will also focus solely on security violations, although it's likely that privacy complaints or other violations with security overtones will be examined or reported to the appropriate agency if discovered, says John C. Parmigiani, who contributed to the development of the privacy and security rules and is now president of John C. Parmigiani & Associates, LLC, in Ellicott City, MD. According to the most recent information on CMS' Web site, the agency has received 370 security-related complaints. Of those, 230 are closed; 140 are still the subject of ongoing investigations. The most common security complaints relate to:
- Information access management
- Security awareness and training
- Access control
- Workstation use
- Device and media controls
The announcement comes on the heels of the OIG's security audit of Atlanta-based Piedmont Hospital, which began in March 2007 and reflects a general shift toward tougher HIPAA enforcement.
"I think that's kind of a wakeup call that says we are getting pressure to step up enforcement activities and [investigate] all these complaints under privacy and security," Parmigiani says.
Elyas Bakhtiari is a managing editor with HealthLeaders Media. He may be reached at email@example.com. Andrea Kraynak is an associate editor with HCPro, Inc. She may be reached at firstname.lastname@example.org.
- Senators Hear How Two-Midnight Rule Harms Patients, Hospitals
- 3 Management Lessons from a Supermarket Debacle
- Medicare Advantage Carriers See 'No Choice' But to Accept Cuts
- Physicians to Appeal 'Docs v. Glocks' Ruling in FL
- IOM Identifies GME Problems, Calls for Finance Changes
- Revenue Cycles Get a Boost from Simple JPEG Files
- Healthcare Costs Start With What We Eat
- CA Fines 8 Hospitals for Medical Errors
- Handshaking Spreads Germs. Get Over It.
- Anatomy of 3 Health System Rebranding Efforts