You may get a little breathing room on HIPAA audits. The funding for security rule audits of health care providers seems to have dried up, the HHS Office for Civil Rights has told the OIG.
In a new report, the OIG calls OCR on the carpet for a number of problems with its HIPAA auditing program, ranging from documentation to organization to actually conducting the audits. In one of its recommendations, the OIG urges OCR to “provide for periodic audits in accordance with HITECH to ensure Security Rule compliance at covered entities.”
“OCR explained that no funds had been appropriated for it to maintain a permanent audit program and that funds used to support audit activities previously conducted were no longer available,” the OIG says in a summary of the report. The full report is at http://oig.hhs.gov/oas/reports/region4/41105025.pdf.