On March 21, the federal Office for Civil rights (OCR) announced the start of the next phase of audits under the Health Insurance Portability and Accountability Act (HIPAA). Read the OCR’s announcement here.
In sum, audits will be extend to all types and sizes of organizations required to follow HIPAA rules, including business associates of healthcare providers. The 2016 audits will primarily be desk audits, although some on-site visits will be included.
Those selected for an audit will receive an email, asking for contact information. The contact person or office will then receive a pre-audit questionnaire.
Here is something especially important to know:
“Communications from OCR will be sent via email and may be incorrectly classified as spam,’’ the agency said in its announcement. “If your entity’s spam filtering and virus protection are automatically enabled, we expect entities to check their junk or spam email folder for emails from OCR.”
MyHIPAAGuide.com subscribers may click here for detailed information including:
- Sample letter to auditees
- Pre-screening questionnaire
- Sample template entities may use to develop their list of business associates
- Details of the audit process