Initial HIPAA audit results released

Written by Reed Tinsley | June 28, 2012

 

Earlier this month, OCR revealed some preliminary results of these pilot audits at a National Institute of Standards and Technology conference. OCR presented audit results for 20 covered entities. The audits revealed a number of common issues, including the following:

- Lack of written policies and procedures
- Missing business associate contracts
- Improper use and disclosure of information concerning deceased patients
- Failure to verify the identity of the person requesting health information
- Improper disclosures in response to judicial subpoenas and administrative requests
- Denials of patients’ access to their own records
- Lack of ongoing privacy training
- Minimal monitoring of employees’ access to electronic patient records
- Lack of contingency plans in cases of emergencies in order to access electronic records

http://www.garfunkelwild.com/ClientAlerts/AlertPDF/2012/OCRHIPAAAuditResults-OCRpdf.pdf

About the Author

Reed Tinsley CPA

This article is written by Reed Tinsley, a Houston, TX-based CPA with over 30 years of experience advising physicians and medical practices across Texas and the United States. Reed holds certifications as a Certified Valuation Analyst (CVA), Certified Healthcare Business Consultant (CHBC), and Certified Financial Planner (CFP), specializing exclusively in the healthcare sector. He is a published author, nationally recognized speaker, and trusted advisor to physicians on accounting & tax, practice management, and financial planning. Schedule a Free Consultation.

Have questions? I’m here to help.