<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=1602061480087256&amp;ev=PageView&amp;noscript=1">

R&R Insurance Blog

Phase II HIPAA Audits Occurring in 2015

Posted by the knowledge brokers

HiPAA 2The Office of Civil Rights (OCR) has proposed to ramp up their Phase II HIPAA audits at some point in 2015. Unlike the initial pilot Phase I audits, the second round will require compliance from the chosen health care account, as well as be expanded to include their “Business Associates.” Business Associates being subcontractors of health care organizations that have business agreements with the selected entity.

These audits will affect between 550-800 covered entities and their associated business partners chosen at random through the National Provider Identifier database.

What will the OCR be looking for?

  • Risk analysis and risk management policies
  • Content and timeliness of breach notifications
  • Notice of privacy practices
  • Individual access
  • Training procedures
  • Device and media controls
  • Transmission security (Encryption)

The OCR will use the Phase II Audit findings to identify technical assistance that it should develop for covered entities and business associates. In circumstances where an audit reveals a serious compliance concern, OCR may initiate a compliance review of the audited organization that could lead to civil money penalties.

If you are a health care organization or have a Business Agreement with a health care organization, this may be a good time to review your Network Security Liability coverage with your insurance agent.


Contact our knowledge brokers for more information!

Topics: Healthcare, HIPAA, audit, Compliance, health care, HIPAA audit

HIPPA Regulations Another Liability For Hospitals

Posted by the knowledge brokers

Rules governing the restricted use of patient information create an additional liability exposure for the healthcare industry. The final HIPAA regulations establish the first ever national standards for privacy of health information. Enforcement activity for non-compliance may become an additional challenge for hospitals that are governed by these regulations in the near future.

R&R Insurance offers coverage that provides defense and indemnity protection for fines and penalties levied by Federal or State enforcement agencies as a result of government allegations of HIPAA regulatory violations.

For more information about Regulatory Compliance Insurance, contact a knowledgebroker.

Topics: Healthcare, HIPAA, Business Insurance, health-care industry