OCR: $5 Million More Needed For HIPAA Enforcement

 Compliance review program ($1 million). Supports OCR's establishment of a compliance review program designed to evaluate, educate, and ensure compliance within a sample of the expanded covered programs and providers each year. OCR anticipates that FY 2012 will be the starting point for a steady increase in civil rights complaints requiring investigation and compliance reviews.

"OCR's 2012 Budget Justification highlights that while our workload has increased, we are working smarter and more strategically to fortify our enforcement activities across the board," an OCR spokesperson wrote in an e-mail to HealthLeaders Media. "OCR is the primary defender of the public's right to privacy and security of protected health information and the public's right to non-discriminatory access to federally-funded health and human services, and we take these responsibilities very seriously."

Another HITECH enforcement requirement – OCR's periodic audits – has yet to be released. The last update came last May when OCR announced it had hired an outside firm, Booz Allen Hamilton, to help build its HITECH-required HIPAA auditing plan. OCR told HealthLeaders Media it was "presently engaged in a contract to survey and recommend strategies for implementing the HITECH audit requirement.