[ Tuesday, July 05, 2011 ]
OCR Auditing Activities:
It appears that OCR is moving forward with its obligation to conduct audits of CEs and BAs to gauge HIPAA compliance. Some time ago they hired Booz Allen to identify audit candidates, and I figured Booz would also conduct the audits. But OCR has hired KPMG to actually do the audits
Like Adam Greene, I'm not sure this paints a definitive picture of how these audits will move forward (much less when), whether they'll be punitive or collaborative, or any other specific information. Cynical folks might see this as a good reason to hire KPMG if you're concerned about your HIPAA vulnerabilities.
Jeff [12:43 PM]
Blogger: HIPAA Blog - Edit your Template