When it comes to HIPAA audits of Covered Entities (CE) and Business Associates (BA), the compliance landscape has changed yet again. Phase 2 of HIPAA’s Audit Program began in 2016, and this time around it includes Business Associates as well as Covered Entities. The Department of Health and Human Services/Office of Civil Rights (HHS/OCR) is choosing CEs and BAs through random sampling of the audit pool.
In this most recent audit phase, the Office of Civil Rights is reviewing the policies and procedures that covered entities and business associates have in place to meet certain standards and specifications of the HIPAA
Privacy, Security, and Breach Notification Rules. While Phase 1 consisted primarily of desk audits of Covered Entities, Phase 2 includes audits of Business Associates, and Phase 3 audits will be conducted on-site. The
third set of audits will broaden the scope of HIPAA compliance requirements, and all CEs and BAs who were subject to a desk audit are eligible to be audited on location after the initial audit phase.
VITECH helps prepare both Covered Entities and Business Associates by conducting comprehensive HIPAA compliance audits before an audit by the Office of Civil Rights. We’ll help you navigate the documentation process from the first pre-audit questionnaire through the on-site assessment to help you ensure your organization is up-to-date with the latest requirements of the HIPAA Security Rule.
VITECH’s HIPAA compliance audit is your solution to the challenges presented by HIPAA compliance requirements and the recently expanded Health and Human Services/Office of Civil Rights (HHS/OCR) HIPAA audits. Our team of dedicated auditors are well-versed in HIPAA compliance standards and the HIPAA audit process. We work with healthcare organizations, therapists, mental health counseling centers, and addiction recovery centers from day one – and we stick with you over the long haul to provide expert compliance guidance throughout the HIPAA audit life-cycle.
In the event that your healthcare organization is subject to a Department of Health and Human Services/Office of Civil Rights (HHS/OCR) HIPAA audit, our HIPAA compliance audit includes a Risk Analysis and Risk Management Plan to help you satisfy documentation and compliance requirements so you can feel confident that you’re on solid ground. Our HIPAA compliance audit includes a Risk Analysis to also help you attest to Meaningful Use, which allows eligible providers to accept incentive payments for the proper handling and usage of electronic health information (EHR)
Keeping your healthcare organization secure and HIPAA compliant is VITECH’s top priority. If you’re concerned about a pending audit and you’d like to learn more about VITECH’s comprehensive HIPAA compliance audit service, reach out to us for a consultation.
Fill In The Form Below for industry news, and information about our services, events, webinars and more.