OCR Building HIPAA Audit Plan With Outside Help
HIPAA's privacy and security enforcer has hired an outside firm to help build its HITECH-required HIPAA auditing plan, the government agency tells HealthLeaders Media.
The Office for Civil Rights (OCR), which carries out for the Department of Health & Human Services (HHS) enforcement of the HIPAA privacy and security rules, says it does not have a timetable for when the audit plan begins.
However, in an e-mail to HealthLeaders Media Thursday, May 20, OCR says it is "presently engaged in a contract to survey and recommend strategies for implementing the HITECH audit requirement."
The firm is Booz Allen Hamilton.
HITECH, signed into law by Congress February 17, 2009, requires OCR to conduct "periodic audits" of covered entities regarding HIPAA privacy and security compliance.
The contractor will help OCR with the "how" and "when" of the audit program.
Sue McAndrew, the deputy director for Health Information Privacy for OCR, told HealthLeaders Media at the 18th Annual National HIPAA Summit in February that "there are 1,000 ways to do this."
Talk of enforcement heated up this month at a national security conference, according to Mac McMillan, CEO of CynergisTek™ and one of the speakers at the Washington, DC, conference–"Safeguarding Health Information: Building Assurance through HIPAA Security."
The conference was hosted by HHS, OCR and National Institute of Standards and Technology (NIST).
MacMillan praised OCR for what he called a "proactive" approach to carrying out the provisions in the HITECH and maintaining transparency in the process. He said the longtime privacy enforcer, which this year took over enforcement of the security rule from CMS, is "doing a much better job than its predecessor."
"OCR is much more organized and is quietly getting its stuff together," says MacMillan, who has had conversations with top OCR officials. "With CMS, enforcement just didn't really fit. OCR on the other hand has been in the business of investigating privacy issues since Day 1."
- Healthcare Leaders Seek Strategic Sweet Spot
- 3 Reasons Wellness Programs Fail
- CMS Issues Health Insurance Exchange Proposed Rules
- Patients Shoulder Nearly 25% of Medical Bills
- ACOs Widespread, Yet Challenged
- MGMA: Physician Compensation Increasingly Based on Quality Measures
- Healthcare Costs 'An Abomination' Says Senate Finance Committee Chair
- Healthcare Consolidation: M&A Not the Only Way
- 6 CNO-to-CEO Strategies
- PwC: Pace of Rising Medical Costs Slowing