OCR’s Audit Program, which began in December 2011, is part of HHS’ efforts under HITECH to assess HIPAA compliance by covered entities, identify best practices, and discover risks and vulnerabilities in protecting the privacy and security of PHI which may not have come to light through OCR’s complaint investigation and compliance reviews. OCR has repeatedly stated that… Continue Reading
Monthly Archives: June 2012
HIPAA Final Rule Status Update
Posted in RulemakingWe reported a few months back that the end of June was the anticipated timeframe for the issuance of the final HIPAA rule. Recent comments from federal officials indicate that this might be a bit optimistic. At the annual Safeguarding Health Information: Building Assurance through HIPAA Security conference, the Department of Health and Human Services Office for… Continue Reading
OCR RELEASES STATE ATTORNEYS GENERAL HIPAA TRAINING MATERIALS
Posted in EnforcementWith the enactment of HITECH in 2009, State Attorneys General became a player in the HIPAA enforcement game. Section 13410(e) of HITECH permits State Attorneys General to obtain damages on behalf of state residents or to enjoin further violations of the HIPAA Privacy and Security Rules. In 2011, the Office for Civil Rights (OCR) developed… Continue Reading