Employee Health Plans - HHS Begins Nationwide HIPAA Audit Programs

The Office for Civil Rights of the Department of Health and Human Services has begun its previously-announced nationwide HIPAA audit programs of employers and their HIPAA Business Associates. The audits, which will be both by mail and on-site, reportedly will focus on:

-the Notice of Privacy Practices required to be distributed by employers;

-issues concerning plan participants’ right to access their Protected Health Information;

-risk management and risk analysis under the HIPAA security rules; and

-procedures for dealing with HIPAA privacy breaches.

Naturally, now would be a good time for employers that maintain employee health plans, and their health plan service providers, to perform internal HIPAA privacy and security self-diagnostics to ensure that they are in full compliance with the various HIPAA rules before an OCR auditor shows-up.

Please contact us if we can be of any assistance with your HIPAA compliance.

Categories: Regulations