(Journal of Healthcare Information Management – (JHIM) – Spring 2013 – Used by permission from HIMSS). We should all know by now that the Office for Civil Rights (OCR) has been mandated to audit all HIPAA Covered Entities (CEs) and Business Associates (BAs), and we now know the main ingredients of the audits, the protocols, which are subject to change over time based on audit results. All CEs and BAs should begin a process now to prepare for an OCR audit based on the most current protocols. Why? Because once the OCR notifies you that your organization will be audited, you only have a couple of weeks to prepare.

How to Prepare for a HIPAA – HITECH Audit
(Journal of Healthcare Information Management – (JHIM) – Spring 2012 – Used by permission from HIMSS). Covered entities (CEs) and business associates (BAs) can now clearly see the “HIPAA police” up ahead on the “side of the road”.

The pilot version of the Health Insurance Portability and Accountability Act compliance audit program, launched this month and slated to continue with up to 150 audits by the end of next year, is paving the way for a permanent program, Leon Rodriguez, director of the Department of Health and Human Services’ Office for Civil Rights, said during a Nov. 17 presentation.

The AMA’s action comes less than 23 months before the ICD-10 compliance date of Oct. 1, 2013.

Consultants: Keep the anonymous HIPAA and HITECH policy and procedure surveys coming! So far we have a number of completed surveys that represent hundreds of providers and health plans.