Feds Unsure About HIPAA Enforcement Practices
Sue McAndrew, the OCR deputy director for Health Information Privacy, asked later in the day by HealthLeaders Media, said she did not yet know the process by which HHS will conduct audits.
OCR may build on existing types of audits or perhaps partner with the inspector general, McAndrew speculated.
"We are basically in the process of doing some scanning and weighing our options of what kinds of audit programs are out there and what turns out to be the most effective," McAndrew said.
OCR has only levied two major fines—Providence Health & Services in July 2008 ($100,000 fine and corrective actions) and CVS in February 2009 ($2.25 million fine).
According to HHS, the federal government will spend about $24.3 million on privacy and security efforts, including:
- Reports to Congress
- Training for state attorneys general
- Carrying out regulatory and enforcement requirements of HITECH
Dom Nicastro is a contributing writer. He edits the Medical Records Briefings newsletter and manages the HIPAA Update Blog.
- Senators Hear How Two-Midnight Rule Harms Patients, Hospitals
- 3 Management Lessons from a Supermarket Debacle
- Medicare Advantage Carriers See 'No Choice' But to Accept Cuts
- Physicians to Appeal 'Docs v. Glocks' Ruling in FL
- IOM Identifies GME Problems, Calls for Finance Changes
- Revenue Cycles Get a Boost from Simple JPEG Files
- Healthcare Costs Start With What We Eat
- CA Fines 8 Hospitals for Medical Errors
- Centralizing the Revenue Cycle Protects the Bottom Line
- Anatomy of 3 Health System Rebranding Efforts