Resources for Health Insurance Portability and Accountability Act (HIPAA)

Are OIG Security Audits Underway?

health-information.advanceweb.com

The Office of Inspector General's 2007 Work Plan states that the OIG will "review the experience with [HIPAA] administrative simplification privacy and security implementation in Medicare and Medicaid to identify key issues that may be relevant to [DHHS's] HIT initiative." The initiative "has a primary objective of fostering the use of electronic medical records throughout the health industry to promote economy and efficiency in the delivery of health services and to enhance patient safety."

Last March, Piedmont Hospital, a 458-bed, acute tertiary care facility in Atlanta, earned the dubious distinction of being the first facility subject to scrutiny since HIPAA's security rules went into effect in April 2005. Few details came out and an official report has yet to be published but various leaks indicated that the audit, initially scheduled for a few weeks stretched into months and the auditors requested information about 42 items regarding safeguards, access and assessment, monitoring and sanctions. The sketchy details leave the rest of the health care industry with little to go on when it comes to criteria for more security audits and the next targets.

View the Resource

Share or bookmarklet this web page at: