[ Tuesday, June 26, 2012 ]
Audit Protocol is Up:
No, not a Tom Cruise movie, but the structure used by OCR in connection with its audits of covered entities
for Privacy Rule and Security Rule compliance. There are 77 different performance critera audited under the Security Rule, and 88 criteria under Privacy and Breach. The tool is searchable as well.
Audits are here for the unlucky initial few, but they will continue for the forseeable future. And they will be a source of OCR fines as well -- if they'll tag a state agency, they'll definitely tag you. There's really no excuse for any healthcare provider not to review this protocol on a systematic, step-by-step basis. Learn where you are weak and fix it, before OCR comes and does it for you. Or better yet, before you suffer a breach and create distrust and a bad name for yourself.
Jeff [5:29 PM]
Blogger: HIPAA Blog - Edit your Template