Is your practice prepared for 2016 HIPAA Audits?

May 4th, 2016 by admin

Image Credit:

In 2016 the Office of Civil Rights received an increase to their annual budget for their audit program which is mandated by the Health Information Technology for Economics and Clinical Health also referred to as HITECH.

The Office for Civil Rights has stated that the 2016 phase 2 audits will make certain that HIPAA compliance standards are being met be covered entities and business associates.  Covered entities are health plans, health care provider, such as a Physician, Dentist, Chiropractor, Psychologist, etc. , who electronically transmit any health information in connection with transactions for which HHS has adopted standards.

The 2016 audits will create a sample base of covered entities to ensure HIPAA Privacy, Security and Breach Notification Rules compliance.  Take the time now to prepare in the event your practice is selected.  Review office policies, procedures and make sure you’re in compliance with HIPAA and HITECH standards.

Questions to ask if your practice is prepared for a HIPAA audit:

  1. Have you implemented and documented the policies and procedures specific to your practice
  2. Have your employees been trained on your policies and procedures? At time of hire and annually thereafter including updates?
  3. What have you done to safeguard and secure PHI?
  4. Do you have a list of all devices used by the practice that may contain PHI?
  5. Have mobile devices that contain PHI been encrypted?
  6. Are you Notices of Privacy Practice current and prominently posted? Does it include information on compliant filing?
  7. Do you know the definition of a Business Associate and have you determined who they may be in relationship to your practice? Do you have business associate agreements in place?
  8. Are you aware of any possible breaches of PHI? Have they been reported to proper authorities?

There are more items that you need to be aware of in order to be prepared for a possible phase 2 audit.

Medical Economis has an article online at which will provide you additional information.