How to Prepare for a HIPAA Audit

The Office for Civil Rights (“OCR”) is auditing many providers regarding HIPAA compliance.

We can help your practice stay on top of the latest healthcare news, rules, regulations and trends. Subscribe to stay current and up to date on important matters that will impact your practice.

All providers of all sizes are at risk of being audited.

With OCR fines ranging from $215,000.00 to millions of dollars, it’s important to prepare in advance.

Many healthcare employers are overwhelmed by the idea of conducting a risk analysis; others are unsure whether a risk analysis is necessary.

The OCR has stated very plainly that staying in compliance through periodic risk analysis is the best way to prepare for an audit.

How do you know if your practice is going to face an OCR audit?

OCR is looking for breach patterns, but it is also looking to audit a variety of healthcare covered entities and business associates.

The way providers can escape hefty fines is by having the proper systems in place to prevent breaches, and to deal with breaches after the fact. A risk analysis looks at the potential risks and vulnerabilities to the confidentiality, availability and integrity of protected health information.

Where to begin?

While performing a comprehensive risk analysis might sound overwhelming, it’s the best (and the only) place to start. OCR puts the burden on providers to show that proper systems were in place, and appropriate steps were taken to avoid or deal with breaches.

A risk analysis should be completed at least annually and should determine:

  1. Where physical and electronic protected health information is stored;
  2. The current and potential risks to confidentiality;
  3. The likelihood of each risk;
  4. The measures in place to address risks; and
  5. The measures that need to be put into place.

Once a complete risk analysis is done, you need to begin implementing the methods to remedy risks and vulnerabilities. Train your employees and update your policies and procedures.

We help our clients keep their risk assessments up to date and their employees trained!

In our next blog post, we will keep you informed of related issues.

Do you need help staying current and compliant with the latest laws, rules and regulations? We can help.

P.S. If you or your patients are interested in consumer healthcare issues, check out myhealthspin.com.
