CONTRIBUTOR

ARTICLE

United States: More On HIPAA Audits For 2016 and 2017–Desk Audits And On-Site Audits

30 November 2016

by Colin J. Zick

Foley Hoag LLP

Your LinkedIn Connections
with the authors

To print this article, all you need is to be registered or login on Mondaq.com.

As part of the ongoing HHS OCR HIPAA audit initiative, it is conducting "HIPAA desk audits." These audits don't involve auditors coming in your facility. Instead, covered entities are being asked to submit documents on:

(1) their risk analysis and risk management plans under the HIPAA security rule;

(2) the content and timeliness for following the HIPAA breach notification rule; or

(3) the notice of the entity's privacy practices for health information and patients' right to access their data.

Business associates also will be required to submit the same security rule information as covered entities. They also must submit their plan for reporting any data breaches to the covered entity.

***

Once these desk audits are completed, the next step of the HHS OCR audit program, on-site audits, is scheduled to begin early in 2017.

To view Foley Hoag's Security, Privacy and The Law Blog please click here

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

AUTHOR(S)

Colin J. Zick

Foley Hoag LLP

ARTICLE TAGS

United States Accounting and Audit Audit Food, Drugs, Healthcare, Life Sciences Healthcare Privacy Privacy Protection

POPULAR ARTICLES ON: Privacy from United States

RELATED CONTENT

FREE News Alerts

Sign Up for our free News Alerts - All the latest articles on your chosen topics condensed into a free bi-weekly email.

Article Tags

United States Accounting and Audit Audit Food, Drugs, Healthcare, Life Sciences Healthcare

More Tags

Related Articles

DoorDash Fined $375,000 By California AG In Second-Ever Publicly Disclosed CCPA Settlement Arnold & Porter

Biden Administration Issues Executive Order On Personal Data Steptoe LLP

American Privacy Rights Act Unveiled: Applies To More Entities Than Any Current State Privacy Law Foley & Lardner

New Jersey Adopts A Comprehensive Data Privacy Law Mintz

Illinois BIPA Legislative Update Regarding Damages Seyfarth Shaw LLP

Mondaq Webinars

APR24

Mastering Mediation & Arbitration: Strategies for Navigating the Rising Tide of Privacy Class Action Lawsuits

APR25

Canadian Employment Law: Updates and Emerging Trends in Employment

McCarthy Tétrault LLP

Comparative Guides

Anti-Corruption & Bribery

Artificial Intelligence

Aviation Finance

Aviation Regulation

Banking Regulation

Mondaq Advice Centres

United States

Advertising and Marketing

United States

Telemarketing

United States

COVID-19

Global

Trademarks in SAARC Countries

United States

International Trade Law & Customs

Curated Content

Can, And Should, The U.S. Government Develop A CBDC System?
Braumiller Law Group, PLLC

Upcoming Events

APR24

Legal Perspective: Data Privacy Considerations Within Medical Information Operations

Speaking Engagement Boston United States

APR24

One Nucleus: Boston Bootcamp 2024

Wolf, Greenfield & Sacks, P.C.

Other Boston United States

More filters

Mondaq Social Media

© Mondaq® Ltd 1994 - 2024. All Rights Reserved.

Please to Mondaq or for unlimited free access and a complimentary news alert

|

|

|

|