HIPAA Auditor Involved in Own Data Breach
Asked if OCR considered the KPMG involvement on this 2010 breach at any level when considering it for the HIPAA audit contract, McAndrew only said, “the award of the HIPAA audit contract was the result of HHS’ usual, rigorous, competitive process. Specific questions regarding the contract award are procurement sensitive.”
The process to hire KPMG involved a Department of Health and Human Services (HHS) panel that reviewed and ranked all technical proposals and qualifications by “predetermined evaluation criteria,” McAndrew said.
“Evaluation criteria in the solicitation included responsiveness to the audit design requirements in the HHS statement of work, as well as past performance on other compliance audit programs,” McAndrew said. “Negotiations were conducted, and an offer was made.”
KPMG LLP is an audit, tax, and advisory firm and is the United States member firm of KPMG International, according to its website. KPMG International’s member firms have 137,000 professionals, including more than 7,600 partners, in 144 countries.
Dom Nicastro is a contributing writer. He edits the Medical Records Briefings newsletter and manages the HIPAA Update Blog.
- New G-Codes to Pay Doctors for Broad Array of Non-Face-to-Face Care
- CMS Sets 2014 Pay Rates for Hospital Outpatient and Physician Services
- Telehealth Improves Patient Care in ICUs
- Hospital M&A Volume Up, Value Down in 3Q
- 50 Years of Fighting Pressure Ulcers Called Into Question
- Douglas Hawthorne—A Chance to Do Something Big
- States Rejecting Medicaid Expansion Forgo Billions in Federal Funds
- Why You Should Involve Patients in Nursing Handoffs
- Nonprofit Hospital Outlook 'Negative' in 2014
- The 5 Biggest Healthcare Finance Trouble Spots